CVE-2026-46810

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: End User Self Service. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Identity...

CVE-2026-46794

Vulnerability in the Identity Manager Connector product of Oracle Fusion Middleware component: Generic Unix Connector. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via SSH to compromise...

CVE-2026-46793

Vulnerability in the Identity Manager Connector product of Oracle Fusion Middleware component: Database User. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Identity...

CVE-2026-35269

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: REST WebServices. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager...

CVE-2026-35267

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: REST WebServices. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Identity Manager...

CVE-2026-21992

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: REST WebServices and Oracle Web Services Manager product of Oracle Fusion Middleware component: Web Services Security. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable...

CVE-2026-21992

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: REST WebServices and Oracle Web Services Manager product of Oracle Fusion Middleware component: Web Services Security. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable...

EUVD-2026-13486

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: REST WebServices and Oracle Web Services Manager product of Oracle Fusion Middleware component: Web Services Security. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable...

Oracle Identity Manager and Web Services Manager RCE (CVE-2026-21992)

The remote host has Oracle Identity Manager and/or Oracle Web Services Manager installed and is affected by a remote code execution vulnerability as referenced in the CVE-2026-21992 Security Alert Advisory. - Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware...

PT-2026-26538

Name of the Vulnerable Software and Affected Versions Oracle Identity Manager versions 12.2.1.4.0 and 14.1.2.1.0 Oracle Web Services Manager versions 12.2.1.4.0 and 14.1.2.1.0 Description A critical vulnerability exists in Oracle Identity Manager component: REST WebServices and Oracle Web Service...

Oracle Identity Manager < 12.2.1.4.0 / < 14.1.2.1.0 Remote Code Execution

Oracle Identity Manager versions prior to 12.2.1.4.0 or prior to 14.1.2.1.0 are vulnerable to a Remote Code Execution through the REST WebServices component. An unauthenticated attacker can achieve remote code execution on the underlying server via a crafted REST request. No source data...

CVE-2025-61757

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: REST WebServices. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager...

CVE-2025-61757

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: REST WebServices. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager...

PT-2025-42978

Name of the Vulnerable Software and Affected Versions Oracle Identity Manager versions 12.2.1.4.0 through 14.1.2.1.0 Description A critical vulnerability exists in Oracle Identity Manager, specifically within the REST WebServices component. This flaw allows an unauthenticated attacker to remotely...