PT-2026-37347

Name of the Vulnerable Software and Affected Versions Oracle Macaron Tool version 0.22.0 Description An unauthenticated attacker with network access via HTTP can compromise the Oracle Macaron Tool. This issue allows the attacker to bypass host address validation, which is the process of verifying...

PT-2026-37958

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...

EUVD-2026-27178

Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects component: helper tool. The supported versions that is affected is 1.0.1-1.0.156. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle MCP Server...

EUVD-2026-24453

Vulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion component: Lifecycle Management. The supported version that is affected is 11.2.24.0.000. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

EUVD-2026-24391

Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft component: Work Order Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

EUVD-2026-24385

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Application...

EUVD-2026-24387

Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft component: Work Order Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

EUVD-2026-24352

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

EUVD-2026-24348

Vulnerability in Oracle GoldenGate component: Libraries. Supported versions that are affected are 23.4-23.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. Successful attacks of this vulnerability can result in...

EUVD-2026-24341

Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft component: Absence Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...

EUVD-2026-24323

Vulnerability in the Oracle User Management product of Oracle E-Business Suite component: Workflow and Business Events. Supported versions that are affected are 12.2.7-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle User...

EUVD-2026-24317

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2026-34321

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Difficult to exploit vulnerability allows low privileged attack...

CVE-2026-34307

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Workflow. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

CVE-2026-34314

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Difficult to exploit vulnerability allows low privileged attacker wit...

CVE-2026-34301

Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft component: Work Order Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2026-34302

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Loader. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. While the...

CVE-2026-34295

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

CVE-2026-34298

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Application...

CVE-2026-34279

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Event Management. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...