Multiple CVEs Addressed in Recent Oracle9 Security Updates

Multiple CVEs Addressed in Recent Oracle9 Security Updates

First seen 30 Apr 2026, 16:34 UTC Linuxsecurity 74% similarity 70.5

Article Content

Browse articles
ThreatCluster

Oracle9 has released security updates addressing several vulnerabilities, including CVE-2026-4786 and CVE-2026-6100, which were published on April 13, 2026. The updates also include fixes for CVE-2026-4519, published on March 20, 2026, and CVE-2026-0865, CVE-2025-15366, CVE-2025-15367, and CVE-2026-1299, which were published earlier in 2026. Additionally, a backport fix for CVE-2026-41651 was released on April 22, 2026, with a proof of concept made public shortly after on April 24, 2026. The vulnerabilities affect various components of Oracle9, including Python packages and PackageKit, which are used in Red Hat Enterprise Linux environments. Organizations using Oracle9 should prioritize applying these updates to mitigate potential exploitation. The scope of impact includes both individual users and enterprise systems relying on these packages. Current status indicates that patches are available, but the urgency remains high due to the recent PoC release for CVE-2026-41651.

Key Points: • Oracle9 security updates address multiple CVEs, including critical vulnerabilities. • CVE-2026-41651 has a public proof of concept, increasing the risk of exploitation. • Organizations should apply patches promptly to mitigate potential threats.

ThreatCluster AI

Timeline

2026-01-20
CVE-2026-0865 published
2026-01-20
CVE-2025-15367 published
2026-01-20
CVE-2025-15366 published
2026-01-23
CVE-2026-1299 published
2026-03-20
CVE-2026-4519 published
2026-04-13
CVE-2026-4786 and CVE-2026-6100 published
2026-04-22
CVE-2026-41651 published
2026-04-24
First public PoC for CVE-2026-41651 released
2026-04-28
Oracle9 updates released addressing multiple CVEs
2026-04-30
Further updates released for PackageKit addressing CVE-2026-41651

Community

Browse all →