EUVD-2022-26628

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Critical vulnerability in Oracle Helidon allows unauthenticated HTTP access, risking complete takeover.

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2022-21404	19 Apr 202221:15	–	attackerkb
Circl	CVE-2022-21404	20 Apr 202200:30	–	circl
CNNVD	Oracle Fusion Middleware 输入验证错误漏洞	19 Apr 202200:00	–	cnnvd
CNVD	Oracle Fusion Middleware Helidon Input Validation Error Vulnerability	22 Apr 202200:00	–	cnvd
CVE	CVE-2022-21404	19 Apr 202220:36	–	cve
Cvelist	CVE-2022-21404	19 Apr 202220:36	–	cvelist
NCSC	Vulnerabilities fixed in Oracle Fusion Middleware	20 Apr 202200:00	–	ncsc
NVD	CVE-2022-21404	19 Apr 202221:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - April 2022	19 Apr 202200:00	–	oracle
Prion	Denial of service	19 Apr 202221:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "54b57a51-30b9-32a9-ae47-ecc0a8ea8f65",
        "vendor": {
          "name": "Oracle Corporation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "814f6b60-48aa-3c62-a8c3-aa1ed5a0e2e3",
        "product": {
          "name": "Helidon"
        },
        "product_version": "1.4.10"
      },
      {
        "id": "d80d1223-c51f-361e-98c3-448f9866bbe2",
        "product": {
          "name": "Helidon"
        },
        "product_version": "2.0.0-RC1"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpuapr2022.html

03 Oct 2025 20:07Current

7.3High risk

Vulners AI Score7.3

CVSS 3.18.1

CVSS 26.8

EPSS0.01249

SSVC

vulnerability oracle helidon security http access takeover cvss score