Oracle July 2025 Critical Patch Update Addresses 165 CVEs

Oracle July 2025 Critical Patch Update Addresses 165 CVEs Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates. Background On July 15, Oracle released itsCritical Patch Update (CPU) for July 2025, the third quarterly update of the year. This CPU contains fixes for 165 unique CVEs in 309 security updates across 28 Oracle product families. Out of the 309 security updates published this quarter, 2.9% of patches were assigned a critical severity. High severity patches accounted for the bulk of security patches at 46.6%, followed by medium severity patches at 43.7%. This quarter’s update includes nine critical patches across five CVEs. Analysis This quarter, the Oracle REST Data Services product family contained the highest number of patches at 84, accounting for 27.2% of the total patches, followed by Oracle Hospitality Applications at 40 patches, which accounted for 12.9% of the total patches. A full breakdown of the patches for...