https://feed.craftedsignal.io/tags/oracle/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 24 Mar 2026 12:00:00 +0000https://feed.craftedsignal.io/briefs/2026-03-oracle-rce/Tue, 24 Mar 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-oracle-rce/CVE-2026-21992 allows an unauthenticated attacker to gain network access via HTTP and execute code remotely on Oracle Identity Manager and Oracle Web Services Manager.<p>On March 20, 2026, Oracle disclosed CVE-2026-21992, a critical vulnerability (CVSS score of 9.8) affecting Oracle Fusion Middleware, specifically Oracle Identity Manager and Oracle Web Services Manager. The vulnerability stems from a lack of network-level authentication, allowing unauthenticated attackers to exploit exposed critical functions via HTTP. Successful exploitation allows for remote code execution. While there are currently no reports of active exploitation, the potential impact…</p> criticaladvisoryvulnerabilityrceoracle