CVE-2026-21997

Name of the Vulnerable Software and Affected Versions Oracle Life Sciences Empirica Signal versions 9.2.1 through 9.2.3

Description An issue in the Common Core component allows a low privileged attacker with network access via HTTP to compromise the system. Successful exploitation can lead to unauthorized read access to a subset of data, as well as unauthorized creation, deletion, or modification of critical data or all accessible data within the product. This may also significantly impact additional products due to a scope change.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.