CVE-2026-21994

Critical CVSS: 9.8

Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit product of Oracle Open Source Projects (component: Desktop). The supported version that is affected is 0.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit. Successful attacks of this vulnerability can result in takeover of Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Vendor

Oracle

Product

Okit

CWE

CWE-284

Yayın Tarihi

2026-03-17 23:16:17

Güncelleme

2026-04-02 12:27:23

Source Identifier

secalert_us@oracle.com

KEV Date Added

Kategoriler

CWE-284 Okit CRITICAL Oracle 2026

Referanslar

https://www.oracle.com/security-alerts/all-oracle-cves-outside-other-oracle-public-documents.html

Benzer Kayıtlar

Critical

CVE-2026-21992

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) and Oracl…

Medium

CVE-2026-21991

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names.

Medium

CVE-2026-21985

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…

High

CVE-2026-21986

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…

High

CVE-2026-21987

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…

High

CVE-2026-21988

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…