Oracle has released an emergency out”‘of”‘band patch to address a critical vulnerability, tracked as CVE”‘2026″‘21992, that affects two core enterprise products: Oracle Identity Manager and Oracle Web Services Manager. The flaw, disclosed on March 19, 2026, carries a CVSS v3.1 base score of 9.8, placing it in the highest severity category and prompting an urgent advisory from the company’s Integrated Cyber Center (ICC).
First seen on thecyberexpress.com
Jump to article: thecyberexpress.com/oracle-identity-manager-cve-2026-21992-patch/
