Cyber Security

Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992)

Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992)

Oracle has released an out-of-band patch for a critical and easily exploitable vulnerability (CVE-2026-21992) in Oracle Identity Manager and Oracle Web Services Manager. The company did not say whether the vulnerability has been exploited as a zero-day, but has urged customers to apply the updates or provided mitigations as soon as possible. About CVE-2026-21992 CVE-2026-21992 is caused by missing authentication for a critical function. In Oracle Identity Manager – a solution for provisioning, managing and … More

The post Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992) appeared first on Help Net Security.

Read More

Related Posts

Booz Allen’s Vellox brings AI vs. AI defense to protect critical infrastructure and national security

Booz Allen’s Vellox brings AI vs. AI defense to protect...

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them

We Found Eight Attack Vectors Inside AWS Bedrock. Here'...

Zero Networks Kubernetes Access Matrix exposes hidden access paths and blast radius

Zero Networks Kubernetes Access Matrix exposes hidden a...

AppGate delivers identity-based ZTNA for secure access across OT systems

AppGate delivers identity-based ZTNA for secure access ...

Black Duck Signal secures AI-generated code with agentic application security

Black Duck Signal secures AI-generated code with agenti...

Rubrik SAGE enables semantic governance for enterprise AI agents at scale

Rubrik SAGE enables semantic governance for enterprise ...