Critical Vulnerability in Oracle HTTP Server and WebLogic Server

Critical Vulnerability in Oracle HTTP Server and WebLogic Server

First seen 22 Jan 2026, 21:42 UTC Csa.SgDigital.Nhs.Uk 84% similarity 45.3

Article Content

Browse articles
ThreatCluster

A critical vulnerability (CVE-2026-21962) has been identified in Oracle HTTP Server and WebLogic Server Proxy Plug-in, allowing unauthenticated attackers to create, delete, or modify critical data. Oracle has released security updates to address this vulnerability, which has a CVSS v3.1 score of 10. Users and administrators are urged to update their systems immediately.

ThreatCluster AI

Timeline

Date unknown
Vulnerability discovered
Recent
Exploit released
Date unknown
Patch released

Community

Browse all →