PT-2025-29624 · Oracle · Oracle Database Server

Published: 2025-07-15 · Updated: 2025-08-04 · CVE-2025-50069

CVSS v3.1: 7.7 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Oracle Database Server versions 19.3 through 19.27
Oracle Database Server versions 21.3 through 21.18

Description

A vulnerability exists within the Java VM component of Oracle Database Server. A low-privileged attacker with Create Session and Create Procedure privileges, possessing network access via Oracle Net, can compromise the Java VM. Successful exploitation may lead to unauthorized access to critical data or complete access to all Java VM accessible data. Attacks may significantly impact additional products.

Recommendations

Oracle Database Server versions 19.3 through 19.27: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Oracle Database Server versions 21.3 through 21.18: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Privilege Management
Improper Access Control

Related Identifiers

BDU:2025-08980
CVE-2025-50069

Affected Products

Oracle Database Server