Critical vulnerability fixed in Oracle
A critical security vulnerability (CVE-2026-21992) has been discovered in Oracle Identity Manager and Oracle Web Services Manager. A malicious actor could exploit of this vulnerability to trigger remote code execution on an affected system. Vulnerability affect Oracle Identity Manager and Oracle Web Services Manager, versions 12.2.1.4.0, 14.1.2.1.0.
More information on vulnerabilities and updates is available on – oracle.com
24 March 2026