CVE-2026-21960

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.2.3 through 12.2.15

Description A security issue exists within the Java utils component of the Oracle Applications DBA product. A high-privileged attacker with network access via HTTP can compromise the system. Successful exploitation may lead to unauthorized data manipulation, deletion, or creation, and potentially complete access to all Oracle Applications DBA accessible data.

Recommendations Versions prior to 12.2.3 and versions after 12.2.15 are not affected. Update to a version later than 12.2.15.