CVE-2026-22003

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u481 and 8u481-b50 Oracle GraalVM Enterprise Edition version 21.3.17

Description An issue in the Hotspot component allows a low privileged attacker with logon access to the infrastructure to compromise the system. Successful exploitation requires human interaction and can lead to unauthorized creation, deletion, or modification of critical data, as well as the ability to cause a system hang or repeatable crash resulting in a complete denial of service. This affects deployments that load and run untrusted code, such as sandboxed Java Web Start applications or sandboxed Java applets, and rely on the Java sandbox for security.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.