> TritonInfoSec News
Home / Mar 21, 2026 / Story
0
#2 Dark Reading general March 20, 2026 at 19:30 UTC

Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw

By Nate Nelson

AI Summary

Oracle issued an emergency patch for CVE-2026-21992, a critical unauthenticated RCE vulnerability in Oracle Identity Manager and Web Services Manager. Attackers can execute arbitrary code without authentication when these components are exposed to the web, making this a high-priority patch for organizations using Oracle Fusion Middleware.

Read full article → https://www.darkreading.com/vulnerabilities-threat…

Relevance score: 92.0/100

# More from March 21

  1. 1
    Widely used Trivy scanner compromised in ongoing supply-chain attack Ars Technica Security
  2. 3
    Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure The Hacker News
  3. 4
    CISA orders feds to patch max-severity Cisco flaw by Sunday BleepingComputer
  4. 5
    International joint action disrupts world’s largest DDoS botnets BleepingComputer
  5. 6
    FBI links Signal phishing attacks to Russian intelligence services BleepingComputer
  6. 7
    FBI takes down leak sites tied to Iran’s Ministry of Intelligence and Security The Record
  7. 8
    Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover The Hacker News
  8. 9
    Thousands of Magento Sites Hit in Ongoing Defacement Campaign SecurityWeek
  9. 10
    Max severity Ubiquiti UniFi flaw may allow account takeover BleepingComputer