PT-2026-37347 · Oracle · Macaron Tool

Published

2026-05-06

Updated

2026-05-10

CVE-2026-35253

CVSS v3.1

4.7

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle Macaron Tool version 0.22.0

Description An unauthenticated attacker with network access via HTTP can compromise the Oracle Macaron Tool. This issue allows the attacker to bypass host address validation, which is the process of verifying that a request originates from a trusted or authorized network address.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Open Redirect

Origin Validation Error

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601CWE-346

Related Identifiers

CVE-2026-35253

Affected Products

Macaron Tool

PT-2026-37347 · Oracle · Macaron Tool

CVE-2026-35253

Weakness Enumeration

Related Identifiers

Affected Products

References · 6