{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T22:22:26.424","vulnerabilities":[{"cve":{"id":"CVE-2026-21960","sourceIdentifier":"secalert_us@oracle.com","published":"2026-01-20T22:15:58.853","lastModified":"2026-01-29T20:59:47.530","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: Java utils).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications DBA.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Applications DBA accessible data as well as  unauthorized access to critical data or complete access to all Oracle Applications DBA accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N)."},{"lang":"es","value":"Vulnerabilidad en el producto Oracle Applications DBA de Oracle E-Business Suite (componente: Java utils). Las versiones compatibles que están afectadas son 12.2.3-12.2.15. La vulnerabilidad fácilmente explotable permite a un atacante con altos privilegios con acceso a la red vía HTTP comprometer Oracle Applications DBA. Los ataques exitosos de esta vulnerabilidad pueden resultar en acceso no autorizado de creación, eliminación o modificación a datos críticos o a todos los datos accesibles de Oracle Applications DBA, así como acceso no autorizado a datos críticos o acceso completo a todos los datos accesibles de Oracle Applications DBA. Puntuación Base CVSS 3.1 de 6.5 (impactos en la Confidencialidad y la Integridad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N)."}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:applications_dba:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"07D382CD-2C94-4B1A-9C44-9B2232AFDD8E"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpujan2026.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]}]}}]}