CVE-2026-34298

Name of the Vulnerable Software and Affected Versions Oracle Applications Framework versions 12.2.9 through 12.2.15

Description An issue exists in the Personalization component of the Oracle Applications Framework product of Oracle E-Business Suite. A high privileged attacker with network access via HTTP can compromise the framework. Successful exploitation may lead to unauthorized read, update, insert, or delete access to certain accessible data, as well as the ability to cause a partial denial of service (DoS), which is a condition where a system becomes partially unavailable to its intended users.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.