A Vulnerability in Oracle Products Could Allow for Remote Code Execution

A remotely exploitable, unauthenticated remote code execution vulnerability (CVE-2026-21992) has been reported in Oracle Identity Manager and Oracle Web Services Manager; successful exploitation may allow attackers to run arbitrary code, install programs, view/change/delete data, or create accounts with full privileges, with higher impact for administrative users.