Web Scouter
Back to News
Security NewsCriticalIncidentvulnerability

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

UnknownMar 21, 2026(about 3 hours ago)

Oracle patched a critical unauthenticated remote code execution vulnerability (CVE-2026-21992) in Identity Manager and Web Services Manager.

Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be exploited to achieve remote code execution. The vulnerability, tracked as CVE-2026-21992, carries a CVSS score of 9.8 out of a maximum of 10.0. "This vulnerability is remotely exploitable without authentication," Oracle said in an advisory. "If successfully

Related CVEs
CVE-2026-21992

Related News

Critical Quest KACE Vulnerability Potentially Exploited in Attacks

Unknownabout 3 hours ago

CVE-2026-3479 pkgutil.get_data() does not enforce documented restrictions

Unknownabout 6 hours ago

CVE-2026-30922 pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

Unknownabout 6 hours ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.