Oracle Identity Manager RCE Vulnerability Exploited in Active Attacks

Oracle Identity Manager RCE Vulnerability Exploited in Active Attacks

First seen 23 Nov 2025, 12:25 UTC Digital.Nhs.UkTechzine.EuInfosecurity-MagazineCsoonlineTheregister+12 73% similarity 50.7

Article Content

Browse articles
ThreatCluster

A critical vulnerability in Oracle Identity Manager, tracked as CVE-2025-61757, allows remote code execution (RCE) without authentication. Discovered by Searchlight Cyber researchers, the flaw has been actively exploited in attacks, prompting warnings from CISA for government agencies to apply the patch released by Oracle on October 21, 2025.

ThreatCluster AI

Community

Browse all →