Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-22003 (GCVE-0-2026-22003)
Vulnerability from cvelistv5 – Published: 2026-04-21 20:35 – Updated: 2026-04-22 14:10
VLAI
EPSS
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).
Severity
6 (Medium)
CWE
- Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.oracle.com/security-alerts/cpuapr2026.html | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Oracle Corporation | Oracle Java SE |
Affected:
8u481
Affected: 8u481-b50 |
|
| Oracle Corporation | Oracle GraalVM Enterprise Edition |
Affected:
21.3.17
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-22T14:09:59.127059Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T14:10:38.643Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Oracle Java SE",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "8u481"
},
{
"status": "affected",
"version": "8u481-b50"
}
]
},
{
"product": "Oracle GraalVM Enterprise Edition",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "21.3.17"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:java_se:8u481:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:java_se:*:*:*:*:*:*:*:*",
"versionEndIncluding": "b50",
"versionStartIncluding": "8u481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:graalvm:21.3.17:*:*:*:enterprise:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en-US",
"value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-21T20:35:02.518Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "Oracle Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2026-22003",
"datePublished": "2026-04-21T20:35:02.518Z",
"dateReserved": "2026-01-05T18:07:34.725Z",
"dateUpdated": "2026-04-22T14:10:38.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-22003",
"date": "2026-05-27",
"epss": "0.00019",
"percentile": "0.05264"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-22003\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2026-04-21T21:16:25.650\",\"lastModified\":\"2026-04-24T16:42:55.780\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert_us@oracle.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H\",\"baseScore\":6.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:21.3.17:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"A03023A6-9A6F-40EE-A9BE-5A8EDC1EEE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update481:*:*:-:*:*:*\",\"matchCriteriaId\":\"34640E60-3068-4AAA-BE14-7AF11694E213\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update481_b50:*:*:-:*:*:*\",\"matchCriteriaId\":\"EC91B23D-3BAF-4E1E-9A9D-EE5CCA1ACAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update481:*:*:-:*:*:*\",\"matchCriteriaId\":\"2D3819BA-3DBD-4E7A-AB5D-E550263CBBF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update481_b50:*:*:-:*:*:*\",\"matchCriteriaId\":\"CE5DA635-B7B3-4E1A-9B1C-5973A615B728\"}]}]}],\"references\":[{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2026.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2026-04-21T20:35:02.518Z\"}, \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"description\": \"Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.\"}]}], \"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"Oracle Java SE\", \"versions\": [{\"version\": \"8u481\", \"status\": \"affected\"}, {\"version\": \"8u481-b50\", \"status\": \"affected\"}]}, {\"vendor\": \"Oracle Corporation\", \"product\": \"Oracle GraalVM Enterprise Edition\", \"versions\": [{\"version\": \"21.3.17\", \"status\": \"affected\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:java_se:8u481:*:*:*:*:*:*:*\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:java_se:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8u481\", \"versionEndIncluding\": \"b50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:graalvm:21.3.17:*:*:*:enterprise:*:*:*\"}]}]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).\"}], \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpuapr2026.html\", \"name\": \"Oracle Advisory\", \"tags\": [\"vendor-advisory\"]}], \"metrics\": [{\"cvssV3_1\": {\"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H\", \"baseScore\": 6, \"baseSeverity\": \"MEDIUM\"}}]}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-22003\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-22T14:09:59.127059Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-22T14:10:25.122Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2026-22003\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"oracle\", \"dateReserved\": \"2026-01-05T18:07:34.725Z\", \"datePublished\": \"2026-04-21T20:35:02.518Z\", \"dateUpdated\": \"2026-04-22T14:10:38.643Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
bit-java-2026-22003
Vulnerability from bitnami_vulndb
Published
2026-05-06 14:46
Modified
2026-05-08 06:11
Summary
Details
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "java",
"purl": "pkg:bitnami/java"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.0"
},
{
"introduced": "1.9.0"
},
{
"fixed": "8.0.491"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2026-22003"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:bellsoft:libericajdk:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).",
"id": "BIT-java-2026-22003",
"modified": "2026-05-08T06:11:36.072Z",
"published": "2026-05-06T14:46:06.719Z",
"references": [
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22003"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html"
}
],
"schema_version": "1.6.2"
}
bit-jre-2026-22003
Vulnerability from bitnami_vulndb
Published
2026-05-08 05:47
Modified
2026-05-08 06:11
Summary
Details
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "jre",
"purl": "pkg:bitnami/jre"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.0"
},
{
"introduced": "1.9.0"
},
{
"fixed": "8.0.491"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2026-22003"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:bellsoft:libericajre:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).",
"id": "BIT-jre-2026-22003",
"modified": "2026-05-08T06:11:36.072Z",
"published": "2026-05-08T05:47:49.463Z",
"references": [
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22003"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html"
}
],
"schema_version": "1.6.2"
}
CERTFR-2026-AVI-0468
Vulnerability from certfr_avis - Published: 2026-04-22 - Updated: 2026-04-22
De multiples vulnérabilités ont été découvertes dans Oracle Java SE. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Java SE | Oracle GraalVM Enterprise Edition version 21.3.17 | ||
| Oracle | Java SE | Oracle Java SE version 25.0.1 | ||
| Oracle | Java SE | Oracle Java SE version 17.0.18 | ||
| Oracle | Java SE | Oracle Java SE version 26 | ||
| Oracle | Java SE | Oracle Java SE version 25.0.2 | ||
| Oracle | Java SE | Oracle GraalVM for JDK version 21.0.10 | ||
| Oracle | Java SE | Oracle GraalVM for JDK version 17.0.18 | ||
| Oracle | Java SE | Oracle Java SE version 11.0.30 | ||
| Oracle | Java SE | Oracle Java SE version 8u481-perf | ||
| Oracle | Java SE | Oracle Java SE version 21.0.10 | ||
| Oracle | Java SE | Oracle Java SE version 8u481 | ||
| Oracle | Java SE | Oracle Java SE version 8u481-b50 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle GraalVM Enterprise Edition version 21.3.17",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 25.0.1",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 17.0.18",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 26",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 25.0.2",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 21.0.10",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 17.0.18",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 11.0.30",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u481-perf",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 21.0.10",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u481",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u481-b50",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-20652",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20652"
},
{
"name": "CVE-2026-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20676"
},
{
"name": "CVE-2026-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22013"
},
{
"name": "CVE-2026-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22018"
},
{
"name": "CVE-2026-34282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34282"
},
{
"name": "CVE-2026-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22003"
},
{
"name": "CVE-2026-23865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23865"
},
{
"name": "CVE-2026-20608",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20608"
},
{
"name": "CVE-2026-20636",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20636"
},
{
"name": "CVE-2026-20635",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20635"
},
{
"name": "CVE-2026-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22016"
},
{
"name": "CVE-2026-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22021"
},
{
"name": "CVE-2026-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22007"
},
{
"name": "CVE-2026-34268",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34268"
},
{
"name": "CVE-2026-20644",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20644"
},
{
"name": "CVE-2025-43457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43457"
},
{
"name": "CVE-2026-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22008"
}
],
"initial_release_date": "2026-04-22T00:00:00",
"last_revision_date": "2026-04-22T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0468",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Java SE. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java SE",
"vendor_advisories": [
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Java SE cpuapr2026",
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html"
}
]
}
FKIE_CVE-2026-22003
Vulnerability from fkie_nvd - Published: 2026-04-21 21:16 - Updated: 2026-04-24 16:42
Severity
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).
References
| URL | Tags | ||
|---|---|---|---|
| secalert_us@oracle.com | https://www.oracle.com/security-alerts/cpuapr2026.html | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:graalvm:21.3.17:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "A03023A6-9A6F-40EE-A9BE-5A8EDC1EEE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update481:*:*:-:*:*:*",
"matchCriteriaId": "34640E60-3068-4AAA-BE14-7AF11694E213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update481_b50:*:*:-:*:*:*",
"matchCriteriaId": "EC91B23D-3BAF-4E1E-9A9D-EE5CCA1ACAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update481:*:*:-:*:*:*",
"matchCriteriaId": "2D3819BA-3DBD-4E7A-AB5D-E550263CBBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update481_b50:*:*:-:*:*:*",
"matchCriteriaId": "CE5DA635-B7B3-4E1A-9B1C-5973A615B728",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H)."
}
],
"id": "CVE-2026-22003",
"lastModified": "2026-04-24T16:42:55.780",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "secalert_us@oracle.com",
"type": "Secondary"
}
]
},
"published": "2026-04-21T21:16:25.650",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-Q4WQ-4WHJ-CXHX
Vulnerability from github – Published: 2026-04-21 21:31 – Updated: 2026-04-21 21:31
VLAI
Details
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).
Severity
6.0 (Medium)
{
"affected": [],
"aliases": [
"CVE-2026-22003"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-21T21:16:25Z",
"severity": "MODERATE"
},
"details": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).",
"id": "GHSA-q4wq-4whj-cxhx",
"modified": "2026-04-21T21:31:24Z",
"published": "2026-04-21T21:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22003"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
WID-SEC-W-2026-1201
Vulnerability from csaf_certbund - Published: 2026-04-21 22:00 - Updated: 2026-05-20 22:00Summary
Oracle Java SE: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RealObjects PDFreactor <12.6.0
RealObjects / PDFreactor
|
<12.6.0 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle GraalVM for JDK 21.0.10
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.10::for_jdk
|
for JDK 21.0.10 | |
|
Oracle Java SE 25.0.2
Oracle / Java SE
|
cpe:/a:oracle:java_se:25.0.2
|
25.0.2 | |
|
Oracle Java SE 17.0.18
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.18
|
17.0.18 | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Oracle Java SE 21.0.10
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.10
|
21.0.10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Oracle Java SE 11.0.30
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.30
|
11.0.30 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM Java 8.0.0.0-8.0.8.60
IBM / Java
|
cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60
|
8.0.0.0-8.0.8.60 | |
|
IBM WebSphere Application Server
IBM
|
cpe:/a:ibm:websphere_application_server:-
|
— | |
|
IBM Rational Software Architect
IBM
|
cpe:/a:ibm:rational_software_architect:-
|
— | |
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Java SE 8u481
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481
|
8u481 | |
|
Oracle Java SE 8u481-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-b50
|
8u481-b50 | |
|
IBM Java 7.1.0.0-7.1.5.29
IBM / Java
|
cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29
|
7.1.0.0-7.1.5.29 | |
|
Oracle GraalVM Enterprise Edition 21.3.17
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.17::enterprise_edition
|
Enterprise Edition 21.3.17 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Oracle GraalVM for JDK 17.0.18
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.18::for_jdk
|
for JDK 17.0.18 | |
|
Oracle Java SE 8u481-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u481-perf
|
8u481-perf | |
|
Oracle Java SE 26
Oracle / Java SE
|
cpe:/a:oracle:java_se:26
|
26 | |
|
Azul Zulu
Azul
|
cpe:/a:azul:zulu:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Content Manager 8.7
IBM / Content Manager
|
cpe:/a:ibm:content_manager:8.7
|
8.7 |
References
71 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1201 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1201.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1201 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1201"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2026 - Appendix Oracle Java SE vom 2026-04-21",
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html#AppendixJAVA"
},
{
"category": "external",
"summary": "Azul Zulu builds of OpenJDK April 2026 Quarterly Update vom 2026-04-21",
"url": "https://docs.azul.com/core/release-notes"
},
{
"category": "external",
"summary": "OpenJDK Vulnerability Advisory: 2026/04/21",
"url": "https://openjdk.org/groups/vulnerability/advisories/2026-04-21"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9254 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9254"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9693 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9693"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9682 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9682"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9256 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9256"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9255 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9255"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7286 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:7286"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9685 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:9685"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9691 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:9691"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9694 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:9694"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9690 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:9690"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-9693 vom 2026-04-23",
"url": "https://linux.oracle.com/errata/ELSA-2026-9693.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9688 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:9688"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9687 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:9687"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9684 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:9684"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9686 vom 2026-04-24",
"url": "https://access.redhat.com/errata/RHSA-2026:9686"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7270697 vom 2026-04-24",
"url": "https://www.ibm.com/support/pages/node/7270697"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-9686 vom 2026-04-24",
"url": "https://linux.oracle.com/errata/ELSA-2026-9686.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9683 vom 2026-04-24",
"url": "https://access.redhat.com/errata/RHSA-2026:9683"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9689 vom 2026-04-24",
"url": "https://access.redhat.com/errata/RHSA-2026:9689"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-9683 vom 2026-04-27",
"url": "https://linux.oracle.com/errata/ELSA-2026-9683.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:9689 vom 2026-04-28",
"url": "https://errata.build.resf.org/RLSA-2026:9689"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7270877 vom 2026-04-27",
"url": "https://www.ibm.com/support/pages/node/7270877"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-9689 vom 2026-04-28",
"url": "https://linux.oracle.com/errata/ELSA-2026-9689.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6231 vom 2026-04-28",
"url": "https://security-tracker.debian.org/tracker/DSA-6231-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11329 vom 2026-04-28",
"url": "https://access.redhat.com/errata/RHSA-2026:11329"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11403 vom 2026-04-28",
"url": "https://access.redhat.com/errata/RHSA-2026:11403"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6237 vom 2026-04-29",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00147.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20260429-0012 vom 2026-04-29",
"url": "https://security.netapp.com/advisory/NTAP-20260429-0012"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11655 vom 2026-04-29",
"url": "https://access.redhat.com/errata/RHSA-2026:11655"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10639-1 vom 2026-04-30",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W2Y645E54E6XFIST2UBUB4OLOXHMIOLS/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11902 vom 2026-04-30",
"url": "https://access.redhat.com/errata/RHSA-2026:11902"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11829 vom 2026-04-30",
"url": "https://access.redhat.com/errata/RHSA-2026:11829"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11822 vom 2026-04-30",
"url": "https://access.redhat.com/errata/RHSA-2026:11822"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11822 vom 2026-05-01",
"url": "https://access.redhat.com/errata/RHSA-2026:11822"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10656-1 vom 2026-05-01",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JTBQPRECSOLUZMDIPNPEKSCKSOKTSRBX/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6246 vom 2026-05-04",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00157.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1705-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025854.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4566 vom 2026-05-06",
"url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00010.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:14391 vom 2026-05-07",
"url": "https://access.redhat.com/errata/RHSA-2026:14391"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4565 vom 2026-05-06",
"url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00009.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1703-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025856.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:14659 vom 2026-05-07",
"url": "https://access.redhat.com/errata/RHSA-2026:14659"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1704-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025855.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7272269 vom 2026-05-07",
"url": "https://www.ibm.com/support/pages/node/7272269"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7272299 vom 2026-05-07",
"url": "https://www.ibm.com/support/pages/node/7272299"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7272328 vom 2026-05-07",
"url": "https://www.ibm.com/support/pages/node/7272328"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7272397 vom 2026-05-08",
"url": "https://www.ibm.com/support/pages/node/7272397"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1731-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025933.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1732-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025932.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10727-1 vom 2026-05-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KTLULMCU2QOCFHMKGKXBCTCRU44HEPXF/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3299 vom 2026-05-09",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3299.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10725-1 vom 2026-05-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2M4F7ZTRQTCAO3T4RSWQHVO3A62HCU4W/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2CORRETTO8-2026-023 vom 2026-05-09",
"url": "https://alas.aws.amazon.com/AL2/ALAS2CORRETTO8-2026-023.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10726-1 vom 2026-05-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JZADYTZHBW5JHFOOY3QKVO2SFZF2FEKA/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3300 vom 2026-05-09",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3300.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10724-1 vom 2026-05-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OCLXKR3SVJPA3J5GS6J5JU5HALZFEOHT/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21543-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025976.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21552-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025969.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21551-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025970.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10728-1 vom 2026-05-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FBGPJAGCNO5HCFTOMNSHIAOXRUYUABBO/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7272669 vom 2026-05-12",
"url": "https://www.ibm.com/support/pages/node/7272669"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:16695 vom 2026-05-13",
"url": "https://access.redhat.com/errata/RHSA-2026:16695"
},
{
"category": "external",
"summary": "PDFreactor 12.6.0 Changelog vom 2026-05-13",
"url": "https://www.pdfreactor.com/product/changelog.htm"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1955-1 vom 2026-05-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026100.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7273339 vom 2026-05-19",
"url": "https://www.ibm.com/support/pages/node/7273339"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7273547 vom 2026-05-20",
"url": "https://www.ibm.com/support/pages/node/7273547"
}
],
"source_lang": "en-US",
"title": "Oracle Java SE: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-20T22:00:00.000+00:00",
"generator": {
"date": "2026-05-21T07:57:21.164+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1201",
"initial_release_date": "2026-04-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-23T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-04-26T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2026-04-27T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux, Rocky Enterprise Software Foundation, IBM und Debian aufgenommen"
},
{
"date": "2026-04-28T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-29T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Debian, NetApp und Red Hat aufgenommen"
},
{
"date": "2026-05-03T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von openSUSE, Red Hat und Debian aufgenommen"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE, Debian und Red Hat aufgenommen"
},
{
"date": "2026-05-07T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM und SUSE aufgenommen"
},
{
"date": "2026-05-10T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von openSUSE und Amazon aufgenommen"
},
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-05-12T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-14T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-05-18T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-19T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-20T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Azul Zulu",
"product": {
"name": "Azul Zulu",
"product_id": "T036273",
"product_identification_helper": {
"cpe": "cpe:/a:azul:zulu:-"
}
}
}
],
"category": "vendor",
"name": "Azul"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T051349",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T053688",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "8.7",
"product": {
"name": "IBM Content Manager 8.7",
"product_id": "T025981",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:content_manager:8.7"
}
}
}
],
"category": "product_name",
"name": "Content Manager"
},
{
"category": "product_name",
"name": "IBM InfoSphere Information Server",
"product": {
"name": "IBM InfoSphere Information Server",
"product_id": "T019995",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "7.1.0.0-7.1.5.29",
"product": {
"name": "IBM Java 7.1.0.0-7.1.5.29",
"product_id": "T053317",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:7.1.0.0_-_7.1.5.29"
}
}
},
{
"category": "product_version",
"name": "8.0.0.0-8.0.8.60",
"product": {
"name": "IBM Java 8.0.0.0-8.0.8.60",
"product_id": "T053318",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:8.0.0.0_-_8.0.8.60"
}
}
}
],
"category": "product_name",
"name": "Java"
},
{
"category": "product_name",
"name": "IBM Rational Software Architect",
"product": {
"name": "IBM Rational Software Architect",
"product_id": "T005181",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_software_architect:-"
}
}
},
{
"category": "product_name",
"name": "IBM Semeru Runtime",
"product": {
"name": "IBM Semeru Runtime",
"product_id": "T048255",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:semeru_runtime:-"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Netcool/OMNIbus",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus",
"product_id": "T004181",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:-"
}
}
},
{
"category": "product_name",
"name": "IBM WebSphere Application Server",
"product": {
"name": "IBM WebSphere Application Server",
"product_id": "T000377",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T034125",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source OpenJDK",
"product": {
"name": "Open Source OpenJDK",
"product_id": "580789",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:openjdk:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Enterprise Edition 21.3.17",
"product": {
"name": "Oracle GraalVM Enterprise Edition 21.3.17",
"product_id": "T053158",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:21.3.17::enterprise_edition"
}
}
},
{
"category": "product_version",
"name": "for JDK 17.0.18",
"product": {
"name": "Oracle GraalVM for JDK 17.0.18",
"product_id": "T053159",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:17.0.18::for_jdk"
}
}
},
{
"category": "product_version",
"name": "for JDK 21.0.10",
"product": {
"name": "Oracle GraalVM for JDK 21.0.10",
"product_id": "T053160",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:21.0.10::for_jdk"
}
}
}
],
"category": "product_name",
"name": "GraalVM"
},
{
"branches": [
{
"category": "product_version",
"name": "11.0.30",
"product": {
"name": "Oracle Java SE 11.0.30",
"product_id": "T053104",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:11.0.30"
}
}
},
{
"category": "product_version",
"name": "17.0.18",
"product": {
"name": "Oracle Java SE 17.0.18",
"product_id": "T053105",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:17.0.18"
}
}
},
{
"category": "product_version",
"name": "21.0.10",
"product": {
"name": "Oracle Java SE 21.0.10",
"product_id": "T053106",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:21.0.10"
}
}
},
{
"category": "product_version",
"name": "25.0.2",
"product": {
"name": "Oracle Java SE 25.0.2",
"product_id": "T053107",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:25.0.2"
}
}
},
{
"category": "product_version",
"name": "8u481",
"product": {
"name": "Oracle Java SE 8u481",
"product_id": "T053154",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u481"
}
}
},
{
"category": "product_version",
"name": "8u481-b50",
"product": {
"name": "Oracle Java SE 8u481-b50",
"product_id": "T053155",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u481-b50"
}
}
},
{
"category": "product_version",
"name": "8u481-perf",
"product": {
"name": "Oracle Java SE 8u481-perf",
"product_id": "T053156",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u481-perf"
}
}
},
{
"category": "product_version",
"name": "26",
"product": {
"name": "Oracle Java SE 26",
"product_id": "T053157",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:26"
}
}
}
],
"category": "product_name",
"name": "Java SE"
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.6.0",
"product": {
"name": "RealObjects PDFreactor \u003c12.6.0",
"product_id": "T054153"
}
},
{
"category": "product_version",
"name": "12.6.0",
"product": {
"name": "RealObjects PDFreactor 12.6.0",
"product_id": "T054153-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:realobjects:pdfreactor:12.6.0"
}
}
}
],
"category": "product_name",
"name": "PDFreactor"
}
],
"category": "vendor",
"name": "RealObjects"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-20652",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-20652"
},
{
"cve": "CVE-2026-22003",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-22003"
},
{
"cve": "CVE-2026-22007",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-22007"
},
{
"cve": "CVE-2026-22008",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-22008"
},
{
"cve": "CVE-2026-22013",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-22013"
},
{
"cve": "CVE-2026-22016",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-22016"
},
{
"cve": "CVE-2026-22018",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-22018"
},
{
"cve": "CVE-2026-22021",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-22021"
},
{
"cve": "CVE-2026-23865",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-23865"
},
{
"cve": "CVE-2026-34268",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-34268"
},
{
"cve": "CVE-2026-34282",
"product_status": {
"known_affected": [
"T054153",
"67646",
"T053160",
"T053107",
"T053105",
"T053688",
"T053106",
"T004914",
"T034125",
"T053104",
"T019995",
"T053318",
"T000377",
"T005181",
"T048255",
"398363",
"T053154",
"T053155",
"T053317",
"T053158",
"T032255",
"T053159",
"T053156",
"T053157",
"T036273",
"2951",
"T002207",
"T051349",
"580789",
"T027843",
"T004181",
"T025981"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-34282"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…