CVE-2026-21999 | Oracle Database Server up to 23.26.1 XML Database improper authorization

Inserito da Angelo Barbosa | Apr 22, 2026 | CVE

A vulnerability classified as critical was found in Oracle Database Server up to 23.26.1. Affected by this vulnerability is an unknown functionality of the component XML Database Component. Executing a manipulation can lead to improper authorization.

This vulnerability is handled as CVE-2026-21999. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-21999 | Oracle Database Server up to 23.26.1 XML Database improper authorization

Post correlati

CVE-2024-42383 | Cesanta Mongoose Web Server up to 7.14 out-of-range pointer offset

CVE-2025-9384 | appneta tcpreplay up to 4.5.1 parse_args.c tcpedit_post_args null pointer dereference (Issue 971)

CVE-2024-0655 | Novel-Plus 4.3.0-RC1 /novel/bookSetting/list sort sql injection

CVE-2023-6975 | mlflow prior 2.9.2 path traversal