{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/oracle/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["vulnerability","rce","oracle"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eOn March 20, 2026, Oracle disclosed CVE-2026-21992, a critical vulnerability (CVSS score of 9.8) affecting Oracle Fusion Middleware, specifically Oracle Identity Manager and Oracle Web Services Manager. The vulnerability stems from a lack of network-level authentication, allowing unauthenticated attackers to exploit exposed critical functions via HTTP. Successful exploitation allows for remote code execution. While there are currently no reports of active exploitation, the potential impact…\u003c/p\u003e\n","date_modified":"2026-03-24T12:00:00Z","date_published":"2026-03-24T12:00:00Z","id":"/briefs/2026-03-oracle-rce/","summary":"CVE-2026-21992 allows an unauthenticated attacker to gain network access via HTTP and execute code remotely on Oracle Identity Manager and Oracle Web Services Manager.","title":"Oracle Fusion Middleware RCE Vulnerability (CVE-2026-21992)","url":"https://feed.craftedsignal.io/briefs/2026-03-oracle-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — Oracle","version":"https://jsonfeed.org/version/1.1"}