{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34292", "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "state": "PUBLISHED", "assignerShortName": "oracle", "dateReserved": "2026-03-26T19:48:45.677Z", "datePublished": "2026-04-21T20:35:26.742Z", "dateUpdated": "2026-04-22T13:45:49.594Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle", "dateUpdated": "2026-04-21T20:35:26.742Z"}, "problemTypes": [{"descriptions": [{"lang": "en-US", "description": "Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server."}]}], "affected": [{"vendor": "Oracle Corporation", "product": "Oracle WebLogic Server", "versions": [{"version": "12.2.1.4.0", "status": "affected", "versionType": "semver"}, {"version": "14.1.1.0.0", "status": "affected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*"}]}]}], "descriptions": [{"lang": "en-US", "value": "Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}], "references": [{"url": "https://www.oracle.com/security-alerts/cpuapr2026.html", "name": "Oracle Advisory", "tags": ["vendor-advisory"]}], "metrics": [{"cvssV3_1": {"attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.2, "baseSeverity": "HIGH"}}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-22T13:45:33.764219Z", "id": "CVE-2026-34292", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T13:45:49.594Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34292", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-22T13:45:33.764219Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T13:45:45.444Z"}}], "cna": {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Oracle Corporation", "product": "Oracle WebLogic Server", "versions": [{"status": "affected", "version": "12.2.1.4.0", "versionType": "semver"}, {"status": "affected", "version": "14.1.1.0.0", "versionType": "semver"}]}], "references": [{"url": "https://www.oracle.com/security-alerts/cpuapr2026.html", "name": "Oracle Advisory", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en-US", "value": "Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "description": "Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server."}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}], "providerMetadata": {"orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle", "dateUpdated": "2026-04-21T20:35:26.742Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34292", "state": "PUBLISHED", "dateUpdated": "2026-04-22T13:45:49.594Z", "dateReserved": "2026-03-26T19:48:45.677Z", "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "datePublished": "2026-04-21T20:35:26.742Z", "assignerShortName": "oracle"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}], "id": "CVE-2026-34292", "lastModified": "2026-04-22T14:16:56.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "secalert_us@oracle.com", "type": "Secondary"}]}, "published": "2026-04-21T21:16:34.087", "references": [{"source": "secalert_us@oracle.com", "url": "https://www.oracle.com/security-alerts/cpuapr2026.html"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "12.2.1.4.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "14.1.1.0.0"}}], "enrichment": {"confidence": 90.0, "confidence_source": "inferred", "scores": [{"score": 90.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Oracle WebLogic Server", "source": "cna", "vendor": "Oracle Corporation"}, "product": "weblogic_server", "vendor": "oracle"}], "analysis": {"en": {"generated_at": "2026-04-22T09:31:16.214618+00:00", "value": {"mitigation_remediation": ["Identify the WebLogic Server version running on all production systems and verify whether it matches the affected releases (12.2.1.4.0 or 14.1.1.0.0).", "Download and apply the patch or upgrade to a non\u2011affected version provided in Oracle\u2019s April\u00a02026 CPU advisory.", "Restrict inbound HTTP traffic to the WebLogic Server by enforcing firewall rules or moving the server behind an application proxy, and require strong authentication before allowing any HTTP connections."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution and Server Takeover"}, "threat_synthesis": {"affected_systems": "Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0 are affected. These releases are part of Oracle Fusion Middleware and are used to host enterprise web applications.", "description_and_impact": "A vulnerability in Oracle WebLogic Server enables a high\u2011privileged attacker who can reach the server over HTTP to compromise the entire instance. The flaw allows the attacker to gain full control, compromising confidentiality, integrity, and availability of the application server.", "risk_and_exploitability": "The CVSS 3.1 score of 7.2 indicates moderate\u2011to\u2011high severity. No EPSS score is available, so the precise exploitation likelihood is unknown, but the network\u2011based vector (AV:N) means anyone with network access could attempt an attack. The vulnerability is not currently listed in the CISA KEV catalog. Based on the description, the attack enables a remote attacker to gain high\u2011level privileges and take over the WebLogic Server, compromising confidentiality, integrity, and availability."}}}}, "created": "2026-04-22T02:45:05.853230+00:00", "title": "High\u2011Privilege Remote Code Execution in Oracle WebLogic Server via HTTP", "updated": "2026-04-22T09:45:13.085489+00:00", "vendors": ["oracle", "oracle$PRODUCT$weblogic_server"], "weaknesses": ["CWE-502", "CWE-360"]}