CVE-2026-21978

Name of the Vulnerable Software and Affected Versions Oracle FLEXCUBE Universal Banking versions 14.0.0.0.0 through 14.8.0.0.0

Description An easily exploitable issue exists in the Relationship Pricing component of Oracle FLEXCUBE Universal Banking. A low-privileged attacker with network access via HTTP can compromise the system. Successful exploitation may lead to unauthorized access to critical data or complete access to all accessible data within Oracle FLEXCUBE Universal Banking.

Recommendations Versions 14.0.0.0.0 through 14.8.0.0.0 are affected and require attention. At the moment, there is no information about a newer version that contains a fix for this vulnerability.