Storyline
Oracle patches critical unauthenticated remote code execution vulnerability in Identity Manager
Oracle has released a critical security update addressing CVE-2026-21992, a vulnerability in Oracle Identity Manager and Oracle Web Services Manager that allows remote code execution without authentication. The flaw carries a CVSS score of 9.8, indicating severe risk.
Evidence locked
Today's free sample is only available for the edition's flagship storyline.
Evidence preview
- Oracle security alert on CVE-2026-21992oracle.com
- Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Managerthehackernews