CVE-2026-35306

Name of the Vulnerable Software and Affected Versions Oracle Coherence version 15.1.1.0.0

Description An issue in the Centralized Third Party Jars component allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful exploitation can lead to unauthorized access to critical data, complete access to all accessible data, and the ability to perform unauthorized updates, insertions, or deletions of data. This flaw may also significantly impact additional products due to a scope change.

Recommendations Isolate affected systems immediately. At the moment, there is no information about a newer version that contains a fix for this vulnerability.