The Hacker News

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.
eWeek

Oracle Patch Set Plugs Widespread Server Holes

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Oracle issued a security alert and downloadable patch ...
ZDNet

Oracle Patch Tuesday heads-up: 81 database security holes

Oracle will join Microsoft on next week's Patch Tuesday freight train and it will be another mega-release. The database server giant says in a pre-release announcement that it will patch a whopping 81 ...
InfoWorld

Monster Oracle update patches database, Java

Oracle's Critical Patch Updates keep getting bigger. The database giant addressed a number of remotely exploitable flaws in Java, MySQL, and Oracle Database this quarter Bigger is not necessarily ...
Network World

Most Oracle database shops don’t mandate security patch use

A continuing lack of corporate mandates to quickly install Oracle’s security patches may be leaving many Oracle database installations exposed to vulnerabilities for extended periods of time, ...
eWeek

Oracle Patches 45 Security Holes in Database, App Server and More

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Oracle released 45 security fixes July 15 as part of its ...
Computerworld

Oracle’s ‘thrown in the towel’ on database patching, researcher claims

A security researcher today criticized Oracle for neglecting to patch its core database products, noting that the massive update slated for later Tuesday will set a record for the fewest fixes. Alex ...