Exploited CVEs / By vendor / Oracle

Oracle vulnerabilities actively exploited

44 Oracle CVEs on the CISA Known Exploited Vulnerabilities catalog, newest first. Refreshed daily.

Every CVE below is confirmed exploited in the wild, not just theoretically severe. The newest addition is CVE-2026-35273 (PeopleSoft Enterprise PeopleTools, added 2026-06-12). 13 of the 44 are used in ransomware campaigns. New CISA KEV entries appear here the day they are cataloged; the freshest across all vendors are on exploited this week.

44 exploited CVEs13 ransomware-linked

Ask your own AI about Oracle exploited CVEs

Copy this prompt into Claude, ChatGPT, or Copilot. The facts are included, sourced from this page.

WebLogic Server: 12 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2024-21182WebLogic Server2026-06-01CVSS 7.5, EPSS 50%
CVE-2020-2883WebLogic Server2025-01-07CVSS 9.8, EPSS 95%
CVE-2020-14644WebLogic Server2024-09-18CVSS 9.8, EPSS 95%
CVE-2017-3506WebLogic Server2024-06-03CVSS 7.4, EPSS 96%
CVE-2023-21839WebLogic Server2023-05-01CVSS 7.5, EPSS 100%
CVE-2018-2628WebLogic Server2022-09-08CVSS 9.8, EPSS 99%
CVE-2017-10271WebLogic Server2022-02-10ransomware, CVSS 7.5, EPSS 100%
CVE-2019-2725WebLogic Server2022-01-10ransomware, CVSS 9.8, EPSS 100%
CVE-2015-4852WebLogic Server2021-11-03CVSS 9.8, EPSS 96%
CVE-2020-14750WebLogic Server2021-11-03CVSS 9.8, EPSS 99%
CVE-2020-14882WebLogic Server2021-11-03CVSS 9.8, EPSS 100%
CVE-2020-14883WebLogic Server2021-11-03CVSS 7.2, EPSS 98%

Java SE: 7 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2012-5076Java SE2022-03-28CVSS 9.8, EPSS 91%
CVE-2013-2465Java SE2022-03-28ransomware, CVSS 9.8, EPSS 99%
CVE-2012-0507Java SE2022-03-03ransomware, CVSS 9.8, EPSS 98%
CVE-2012-1723Java SE2022-03-03ransomware, CVSS 9.8, EPSS 94%
CVE-2012-4681Java SE2022-03-03ransomware, CVSS 9.8, EPSS 99%
CVE-2015-2590Java SE2022-03-03CVSS 9.8, EPSS 25%
CVE-2015-4902Java SE2022-03-03CVSS 5.3, EPSS 13%

Fusion Middleware: 6 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2025-61757Fusion Middleware2025-11-21CVSS 9.8, EPSS 88%
CVE-2020-2551Fusion Middleware2023-11-16CVSS 9.8, EPSS 93%
CVE-2021-35587Fusion Middleware2022-11-28CVSS 9.8, EPSS 96%
CVE-2012-1710Fusion Middleware2022-05-25ransomware, CVSS 9.8, EPSS 12%
CVE-2012-0518Fusion Middleware2022-03-28CVSS 4.7, EPSS 5%
CVE-2012-3152Fusion Middleware2021-11-03CVSS 9.1, EPSS 99%

Java Runtime Environment (JRE): 4 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2010-0840Java Runtime Environment (JRE)2022-05-25CVSS 9.8, EPSS 96%
CVE-2013-0422Java Runtime Environment (JRE)2022-05-25ransomware, CVSS 9.8, EPSS 98%
CVE-2013-0431Java Runtime Environment (JRE)2022-05-25ransomware, CVSS 5.3, EPSS 90%
CVE-2013-2423Java Runtime Environment (JRE)2022-05-25CVSS 3.7, EPSS 85%

E-Business Suite: 3 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2025-61884E-Business Suite2025-10-20ransomware, CVSS 7.5, EPSS 98%
CVE-2025-61882E-Business Suite2025-10-06ransomware, CVSS 9.8, EPSS 100%
CVE-2022-21587E-Business Suite2023-02-02ransomware, CVSS 9.8, EPSS 98%

Other Oracle products

CVEProductAdded to KEVSignals
CVE-2026-35273PeopleSoft Enterprise PeopleTools2026-06-12ransomware, CVSS 9.8, EPSS 92%
CVE-2024-20953Agile Product Lifecycle Management (PLM)2025-02-24CVSS 8.8, EPSS 3%
CVE-2024-21287Agile Product Lifecycle Management (PLM)2024-11-21CVSS 7.5, EPSS 2%
CVE-2022-21445ADF Faces2024-09-18CVSS 9.8, EPSS 62%
CVE-2016-3427Java SE and JRockit2023-05-12CVSS 9.8, EPSS 92%
CVE-2019-3010Solaris2022-05-25CVSS 8.8, EPSS 14%
CVE-2019-2616BI Publisher (Formerly XML Publisher)2022-03-25CVSS 7.2, EPSS 92%
CVE-2008-3431VirtualBox2022-03-03CVSS 8.8, EPSS 7%
CVE-2011-3544Java SE JDK and JRE2022-03-03CVSS 9.8, EPSS 97%
CVE-2020-14864Intelligence Enterprise Edition2022-01-18CVSS 7.5, EPSS 97%
CVE-2020-14871Solaris and Zettabyte File System (ZFS)2021-11-03CVSS 10.0, EPSS 80%
CVE-2020-2555Multiple Products2021-11-03CVSS 9.8, EPSS 97%

Common questions about exploited Oracle CVEs

Which Oracle vulnerabilities are actively exploited?

As of July 2026, 44 Oracle CVEs are on the CISA Known Exploited Vulnerabilities catalog, meaning exploitation in the wild is confirmed. The most-listed products are WebLogic Server (12), Java SE (7), Fusion Middleware (6), Java Runtime Environment (JRE) (4). 13 are linked to ransomware campaigns.

What is the newest exploited Oracle CVE?

CVE-2026-35273, affecting PeopleSoft Enterprise PeopleTools, added to the CISA KEV catalog on 2026-06-12. This page refreshes daily, so the newest entry is always first in the table.

How urgent are these Oracle CVEs?

KEV listing is the strongest fix-first signal there is: it means confirmed exploitation, not a prediction. Patch these ahead of higher-CVSS issues that nobody is exploiting. Check the vendor advisory (linked below) for fixed versions and workarounds.

Can I ask my own AI about exploited Oracle CVEs?

Yes. This page includes a free copy-paste AI prompt carrying the newest Oracle KEV entries, with CVSS, EPSS, and ransomware context, into Claude, ChatGPT, or Copilot. The data is refreshed daily.

All vendors, searchable with due dates and CSV export: the exploited-CVE tracker. Every vendor with a page: exploited by vendor.

Sponsored by SenservaMicrosoft 365, Intune, Defender, and Entra ID security and compliance, with automated remediation and Trustworthy AI.Scan free
Lexicon: the terms on this page
CVE
Common Vulnerabilities and Exposures. A unique ID for one publicly known vulnerability, such as CVE-2025-1234.
KB
Microsoft Knowledge Base article. The identifier for a specific Microsoft update.
KEV
CISA Known Exploited Vulnerabilities. CVEs confirmed exploited in the wild. Fix these first.
CVSS
Common Vulnerability Scoring System. A standardized Severity score from 0 to 10.
EPSS
Exploit Prediction Scoring System. The probability a CVE will be exploited in the next 30 days.
MSRC
Microsoft Security Response Center. Microsoft's Patch Tuesday advisories and KB-to-CVE mapping.
NVD
National Vulnerability Database (NIST). Authoritative CVE metadata and CVSS scores.
Ransomware
The vulnerability is linked to known ransomware activity.
Reference: the Microsoft patching guide, how Intune, Windows Autopatch, Defender, and Azure Update Manager fit together.
Data notice: this page, the feeds, and the API are provided as is, for informational purposes only, without warranty of any kind. Senserva, LLC does not guarantee the accuracy, completeness, or timeliness of third-party data (MSRC, NVD, CISA KEV, EPSS) and accepts no liability for actions taken based on it; verify against the authoritative vendor advisory before acting. Built daily with Senserva Trustworthy AI. All use of this data is subject to the Senserva EULA.