Oracle Identity Manager: Out-of-band update against code smuggling vulnerability

Oracle has released an emergency update for Identity Manager and Web Services Manager to close a code smuggling vulnerability ...
The Hacker News

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.
SecurityWeek

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability

Oracle issues out-of-band updates to patch CVE-2026-21992, a critical vulnerability in Identity Manager and Web Services ...

Oracle pushes emergency fix for critical Identity Manager RCE flaw

Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in ...
Bleeping Computer

Oracle Fixes "Default Account" Issue Rated 10 Out of 10 on Severity Scale

Oracle has released patches for a security issue affecting the Oracle Identity Manager that has received a rare 10 out of 10 score on the CVSSv3 bug severity scale. The giant software maker has ...
Computing

Oracle scores ten out of ten - for a critical security flaw in Oracle Identity Manager

Cyber crooks are tapping into a recently identified vulnerability in Oracle's Identity Manager that allows them to take full control of the application remotely. The vulnerability, which has a CVSS v3 ...