The Hacker News

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.
Computerworld

Oracle issues largest patch bundle ever, fixing 276 security flaws

Oracle has released a new quarterly batch of security updates for more than 80 products from its software portfolio, fixing 276 vulnerabilities. This is the largest Oracle Critical Patch Update (CPU) ...
ZDNet

Time to get patching: Oracle's quarterly Critical Patch Update arrives with 520 fixes

Enterprise software giant Oracle has released its April Critical Patch Update (CPU) advisory, which includes 520 fixes for security flaws. Critical Patch Updates are collections of security fixes for ...