PT-2026-25957 · Oracle · Oracle Edge Cloud Infrastructure Designer/Visualisation Toolkit
Gouri Sankar A
·
Published
2026-03-17
·
Updated
2026-03-18
·
CVE-2026-21994
CVSS v3.1
9.8
Critical
| AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
CVE: CVE-2026-21994
Vendor: Oracle corporation
Product: Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit
CVSS: 9.8
Credits: n/a
Description:
Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit product of Oracle Open Source Projects (component: Desktop). The supported version that is affected is 0.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit. Successful attacks of this vulnerability can result in takeover of Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
References:
• https://t.co/VnHEQ6KHdT
• https://t.co/jWbzZZsTwL
#dbugs vuln
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oracle Edge Cloud Infrastructure Designer/Visualisation Toolkit