All CosmicBytez Labs articles tagged #Oracle, across news, security advisories, how-to guides, and projects.
A critical CVSS 9.8 authentication bypass vulnerability in Oracle E-Business Suite's Payments module is being actively exploited in the wild, according to...
The National Association of Insurance Commissioners confirms ShinyHunters exploited an Oracle PeopleSoft zero-day but says only publicly available data,...
Nissan warns that current and former employees had data stolen after threat actors exploited an Oracle PeopleSoft zero-day vulnerability tied to the...
Google's Threat Intelligence Group confirmed in-the-wild exploitation of Oracle PeopleSoft zero-day CVE-2026-35273 by ShinyHunters, even as Oracle...
The ShinyHunters hacking group exploited a critical Oracle PeopleSoft ERP zero-day (CVE-2026-35273) that disproportionately impacted American...
Oracle has issued an emergency mitigation for CVE-2026-35273, a critical unauthenticated RCE flaw in PeopleSoft Suite being actively exploited by the...
The ShinyHunters group, tracked by Mandiant as UNC6240, has been exploiting CVE-2026-35273 in Oracle PeopleSoft to breach universities and higher...
A CVSS 9.8 unauthenticated remote code execution flaw in Oracle PeopleSoft Enterprise PeopleTools 8.61 and 8.62 is being actively exploited, with threat...
Oracle WebLogic Server contains an unspecified vulnerability allowing unauthenticated attackers network access via T3 and IIOP protocols, potentially exposing…
A CVSS 9.8 critical vulnerability in Oracle Hospitality OPERA 5 Property Services allows unauthenticated network attackers to fully compromise hotel...
A CVSS 9.9 critical vulnerability in Oracle REST Data Services (ORDS) versions 24.2.0 through 26.1.0 allows a low-privileged network attacker to fully...
A high-severity vulnerability in Oracle Life Sciences Empirica Signal versions 9.2.1-9.2.3 allows a low-privileged attacker with network access via HTTP...
Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Oracle Identity Manager and...
Oracle's March 2026 Critical Patch Update includes CVE-2026-21992, a CVSS 9.8 unauthenticated remote code execution vulnerability in Oracle Identity...
A critical unauthenticated remote code execution vulnerability (CVSS 9.8) in Oracle's Edge Cloud Infrastructure Designer and Visualisation Toolkit allows...