CVE-2026-21940

Name of the Vulnerable Software and Affected Versions Oracle Agile PLM version 9.3.6

Description An easily exploitable issue exists in the Oracle Agile PLM product within Oracle Supply Chain, specifically in the User and User Group component. An unauthenticated attacker with network access via HTTP can compromise the system. Successful exploitation may lead to unauthorized access to critical data or complete access to all Oracle Agile PLM accessible data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.