> TritonInfoSec News
Home / Mar 22, 2026 / Story
0
#3 The Hacker News general March 21, 2026 at 10:24 UTC

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

By [email protected] (The Hacker News)

AI Summary

Oracle released an emergency patch for CVE-2026-21992, a critical vulnerability with CVSS score 9.8 affecting Identity Manager and Web Services Manager that enables unauthenticated remote code execution. The flaw is remotely exploitable without authentication, making it a high-priority target for attackers seeking to compromise Oracle enterprise environments.

Read full article → https://thehackernews.com/2026/03/oracle-patches-c…

Relevance score: 88.0/100

# More from March 22

  1. 1
    Trivy vulnerability scanner breach pushed infostealer via GitHub Actions BleepingComputer
  2. 2
    Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages The Hacker News
  3. 4
    CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026 The Hacker News
  4. 5
    FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks The Hacker News
  5. 6
    DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks The Hacker News
  6. 7
    Critical Quest KACE Vulnerability Potentially Exploited in Attacks SecurityWeek
  7. 8
    US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites SecurityWeek
  8. 9
    Police take down 373,000 fake CSAM sites in Operation Alice BleepingComputer
  9. 10
    Navia Data Breach Impacts 2.7 Million SecurityWeek