Oracle WebLogic Server unauthenticated remote compromise flaw (CVE-2024-21182)
Vulnerability
Summary
Hide ▲
Show ▼
CVE-2024-21182 in Oracle WebLogic Server is actively exploited and can let a network-access attacker achieve unauthenticated remote compromise. The flaw affects versions 12.2.1.4.0 and 14.1.1.0.0, and Shodan tracks 1,592 exposed servers online and vulnerable. Oracle released security patches in July 2024, but successful attacks can still expose critical data or grant complete access to WebLogic-accessible data.
Related Happenings
Oracle E-Business Suite unauth HTTP takeover security flaw (CVE-2026-46817)
Vulnerability
H score52
First: 29.06.2026 16:46
Last: 29.06.2026 16:46
Sources 1
About this happening:
Oracle E-Business Suite CVE-2026-46817 is under active exploitation, putting Oracle Payments deployments at takeover risk. The flaw allows unauthenticated HTTP a...
Oracle E-Business Suite unauth HTTP takeover security flaw (CVE-2026-46817)
VulnerabilityAbout this happening: Oracle E-Business Suite CVE-2026-46817 is under active exploitation, putting Oracle Payments deployments at takeover risk. The flaw allows unauthenticated HTTP a...
CISA orders federal patching of Oracle WebLogic CVE-2024-21182
Public Sector Action
H score53
First: 02.06.2026 15:40
Last: 02.06.2026 15:40
Sources 1
How related:
On Thursday, CISA added the vulnerability to its catalog of security flaws exploited in attacks and ordered federal agencies to patch their WebLogic servers by midnight on Thursday, June 4, as mandated by Binding Operational Directive (BOD) 22-01.
About this happening:
CISA ordered federal agencies to patch Oracle WebLogic Server against CVE-2024-21182 by June 4, creating an immediate remediation deadline for affected government...
CISA orders federal patching of Oracle WebLogic CVE-2024-21182
Public Sector ActionHow related: On Thursday, CISA added the vulnerability to its catalog of security flaws exploited in attacks and ordered federal agencies to patch their WebLogic servers by midnight on Thursday, June 4, as mandated by Binding Operational Directive (BOD) 22-01.
About this happening: CISA ordered federal agencies to patch Oracle WebLogic Server against CVE-2024-21182 by June 4, creating an immediate remediation deadline for affected government...
Oracle WebLogic Server CVE-2026-21962 rapid exploitation wave
Exploitation Wave
H score59
First: 26.03.2026 18:00
Last: 26.03.2026 18:00
Sources 1
About this happening:
Oracle WebLogic Server systems faced a rapid CVE-2026-21962 exploitation wave after public exploit code appeared, creating immediate RCE risk for exposed servers. The...
Oracle WebLogic Server CVE-2026-21962 rapid exploitation wave
Exploitation WaveAbout this happening: Oracle WebLogic Server systems faced a rapid CVE-2026-21962 exploitation wave after public exploit code appeared, creating immediate RCE risk for exposed servers. The...
Oracle WebLogic actively exploited unauthenticated RCE flaw (CVE-2026-21962)
Vulnerability
H score59
First: 26.03.2026 18:00
Last: 26.03.2026 18:00
Sources 1
About this happening:
Oracle WebLogic's CVE-2026-21962 was being actively exploited almost immediately after public exploit code appeared, creating a CVSS 10.0 unauthenticated RCE risk...
Oracle WebLogic actively exploited unauthenticated RCE flaw (CVE-2026-21962)
VulnerabilityAbout this happening: Oracle WebLogic's CVE-2026-21962 was being actively exploited almost immediately after public exploit code appeared, creating a CVSS 10.0 unauthenticated RCE risk...
Oracle Identity Manager and Oracle Web Services Manager unauthenticated RCE (CVE-2026-21992)
Vulnerability
H score42
First: 20.03.2026 20:48
Last: 20.03.2026 20:48
Sources 1
About this happening:
Oracle issued an out-of-band update to fix CVE-2026-21992, a critical unauthenticated remote code execution flaw in Oracle Identity Manager and Oracle Web Servic...
Oracle Identity Manager and Oracle Web Services Manager unauthenticated RCE (CVE-2026-21992)
VulnerabilityAbout this happening: Oracle issued an out-of-band update to fix CVE-2026-21992, a critical unauthenticated remote code execution flaw in Oracle Identity Manager and Oracle Web Servic...
Timeline
-
02.06.2026 15:40 3 articles · 1mo ago
CISA orders federal agencies to patch actively exploited Oracle WebLogic servers
Legal Policy Action UpdateCISA added CVE-2024-21182 to its catalog of vulnerabilities exploited in attacks and ordered federal agencies to patch Oracle WebLogic Server systems by midnight on Thursday, June 4 under Binding Operational Directive (BOD) 22-01. Oracle had patched the high-severity WebLogic flaw in July 2024, describing it as an easily exploitable issue that lets an unauthenticated attacker with network access via T3 or IIOP compromise Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0, and CISA urged private-sector defenders to patch affected systems as soon as possible while Shodan tracked more than 1,592 exposed servers vulnerable to CVE-2024-21182.
Show sources
- CISA flags two-year-old Oracle flaw as actively exploited in attacks — www.bleepingcomputer.com — 02.06.2026 15:40
- CISA flags two-year-old Oracle flaw as actively exploited in attacks — www.bleepingcomputer.com — 02.06.2026 15:40
- Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation — thehackernews.com — 02.06.2026 21:14