Digital.Nhs.Uk
Oracle Identity Manager RCE Vulnerability Exploited in Active Attacks
First seen 23 Nov 2025, 12:25 UTC
•



+12
•73% similarity
•50.7
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A critical vulnerability in Oracle Identity Manager, tracked as CVE-2025-61757, allows remote code execution (RCE) without authentication. Discovered by Searchlight Cyber researchers, the flaw has been actively exploited in attacks, prompting warnings from CISA for government agencies to apply the patch released by Oracle on October 21, 2025.
ThreatCluster AI