Oracle Corporation

1,042 tracked vulnerabilities.

CVE-2026-46833 CRITICAL
Oracle Database Server 23.4.0-23.26.2 - Unauthenticated Remote Code Execution via TLS in Net Service
May 28, 2026
CVSS 9.0
EPSS 0.00
CVE-2026-46830 MEDIUM
Oracle REST Data Services 24.2.0-26.1.0 - Unauthenticated Unauthorized Data Read via Mongoapi
May 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-46829 HIGH
Oracle Rest Data Services < 26.1.0 - Denial of Service
May 28, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-46828 HIGH
Oracle Payroll 12.2.3-12.2.15 - Authenticated Unauthorized Data Access and Modification via HTTP
May 28, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-46827 HIGH
Oracle Payroll 12.2.3-12.2.15 - Authenticated Remote Code Execution in Self Service Manager
May 28, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-46826 HIGH
Oracle Payroll 12.2.3-12.2.15 - Authenticated Remote Code Execution via Internal Operations
May 28, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-46824 CRITICAL
Oracle Universal Work Queue 12.2.3-12.2.15 - Remote Code Execution via Work Provider
May 28, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-46823 HIGH
Oracle Public Sector Financials (International) 12.2.6-12.2.15 - Unauthorized Data Access via Authorization Component
May 28, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-46822 CRITICAL
Oracle iAssets 12.2.3-12.2.15 - Authenticated Remote Code Execution via HTTP
May 28, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-46821 HIGH
Oracle Financials Common Modules 12.2.3-12.2.15 - Unauthorized Data Access via HTTP
May 28, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-46820 HIGH
Oracle Financials Common Modules 12.2.3-12.2.15 - Authenticated Unauthorized Data Access via HTTP
May 28, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-46819 CRITICAL
Oracle Internet Procurement Connector 12.2.3-12.2.15 - Unauthenticated Data Manipulation and Access via HTTP
May 28, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-46818 HIGH
Oracle Payments 12.2.3-12.2.15 - Unauthenticated Data Manipulation and Access via File Transmission
May 28, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-46817 CRITICAL
Oracle Payments 12.2.3-12.2.15 - Unauthenticated Remote Code Execution via File Transmission
May 28, 2026
CVSS 9.8
EPSS 0.01
CVE-2026-46775 CRITICAL
Oracle REST Data Services 24.2.0-26.1.0 - Authenticated Remote Code Execution via HTTPS
May 28, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-35277 HIGH
Oracle REST Data Services 24.2.0-26.1.0 - Authenticated Unauthorized Data Access and Modification via HTTPS
May 28, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-35266 HIGH
Oracle Rest Data Services < 26.1.0 - Denial of Service
May 28, 2026
CVSS 7.9
EPSS 0.00
CVE-2026-34311 CRITICAL
Oracle Hospitality OPERA 5 Property Services <=5.6.28 - Unauthenticated RCE
May 28, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-35255 MEDIUM
Oracle Cloud Native Environment Command Line Interface - Arbitrary Code Execution
May 06, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-35254 MEDIUM
Oracle OCI CLI 3.77 - Unauthenticated Path Traversal via File Import
May 06, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-35253 MEDIUM
Oracle Macaron Tool v0.22.0 - Unauthenticated Origin Validation Error via HTTP
May 06, 2026
CVSS 4.7
EPSS 0.00
CVE-2026-35228 HIGH
Oracle MCP Server Helper Tool 1.0.1-1.0.156 - SQL Injection
May 05, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-35233 MEDIUM
Oracle Linux 8-10 - Out-of-bounds Read in ELF Parser via sh_link Field
May 01, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-21996 LOW
Oracle Linux 8-10 - Denial of Service via Malicious ELF Binary
May 01, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-35252 MEDIUM
Oracle Security Service 12.2.1.4.0 - Privilege Escalation
Apr 21, 2026
CVSS 6.4
EPSS 0.00