The Hacker News

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be exploited to achieve remote code execution. The vulnerability ...
Bleeping Computer

Oracle pushes emergency fix for critical Identity Manager RCE flaw

Update: Added that Oracle declined to comment on whether the vulnerability has been exploited. Oracle has released an out-of-band security update to fix a critical unauthenticated remote code ...
heise online

Oracle Identity Manager: Out-of-band update against code smuggling vulnerability

Oracle has released an emergency update outside the usual quarterly Critical Patch Update (CPU) patch day. It closes a security vulnerability in Oracle Identity Manager and Web Services Manager, which ...
scoop

Identity and Access Management Statistics By Security (2026)

Market.us Scoop, we strive to bring you the most accurate and up-to-date information by utilizing a variety of resources, including paid and free sources, primary research, and phone interviews. Learn ...
NextBigFuture

One Identity Unveils Major Upgrade to Identity Manager, Strengthening Enterprise Identity ...

One Identity, a trusted leader in identity security, today announces a major upgrade to One Identity Manager, a top-rated IGA solution, strengthening identity governance as a critical security control ...
thecyberexpress

CISA Adds Oracle Identity Manager Vulnerability to KEV Database

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added an Oracle Identity Manager vulnerability to its Known Exploited Vulnerabilities database after the SANS Internet Storm Center ...
Dark Reading

Critical Flaw in Oracle Identity Manager Under Exploitation

A critical flaw in Oracle's Identity Manager has been exploited in the wild, marking the latest threat for customers of the enterprise software giant. CVE-2025-61757 is a remote code execution (RCE) ...
The Hacker News

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog, citing ...
Bleeping Computer

CISA warns Oracle Identity Manager RCE flaw is being actively exploited

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, ...
SecurityWeek

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

[UPDATED] A recently patched Oracle Identity Manager vulnerability may have been exploited as a zero-day. The vulnerability, tracked as CVE-2025-61757, was disclosed on Thursday by Searchlight Cyber, ...
The New York Times

Your Data Appeared in a Leak. Now What?

We independently review everything we recommend. When you buy through our links, we may earn a commission. Learn more› By Max Eddy Max Eddy is a writer who has covered privacy and security — including ...