—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Oracle Products 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: High

Software Affected

Oracle MySQL

Java SE

Oracle Database Server

WebLogic Server

VirtualBox

For complete list of affected products refer to the oracle advisory:

https://www.oracle.com/security-alerts/cpujan2026.html

Overview

Multiple vulnerabilities have been reported in various Oracle products, which could be exploited by a remote attacker to trigger elevation of privilege, denial of service condition, remote code execution, data manipulation, sensitive information disclosure and security restriction bypass on the targeted system.

Target Audience:

Individuals and organisational users of the above-mentioned Oracle products.

Risk Assessment:

High risk of information disclosure, data manipulation, system instability and arbitrary code execution.

Impact Assessment:

Potential unauthorized access to sensitive information, denial of service, data manipulation, and complete takeover of control of the target system.

Description

Oracle products are used for several applications including enterprise-level data management, cloud solutions, software development, and business applications. They are employed across a wide range of sectors, including finance, healthcare, manufacturing, government, and retail, among others.

Multiple vulnerabilities have been reported in various components of Oracle products.

Successful exploitation of these vulnerabilities could allow an attacker to trigger elevation of privilege, denial of service condition, remote code execution, data manipulation, sensitive information disclosure and security restriction bypass on the targeted system.

For complete list of affected products, CVEs, workarounds and solutions, refer to the oracle advisory:

https://www.oracle.com/security-alerts/cpujan2026.html

Solution

Apply appropriate updates as mentioned in Oracle updates:  

https://www.oracle.com/security-alerts/cpujan2026.html

Vendor Information

Oracle

https://www.oracle.com/security-alerts/cpujan2026.html

References

Oracle

https://www.oracle.com/security-alerts/cpujan2026.html

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAml4rwcACgkQ3jCgcSdc

ys8Fjw//fO1tfmkn9+p2nt7sRwgoUlX5l8zeHvNjqVERsHflaDcBWq8B7d+7HAyr

rOIkkIk/KE+hpDXcS2xrLbeR/5XfekNpW2Jr10TvvpdbdgUHw4BmtSIr6f0Gl/yW

9GlhZs714AGg39Vqckt5HxiKuYUVFTTO+l6JSngN8D92AkryLBFGL6oQWCTopNkO

S/Tk5PBpPp+E2DjUQmOWhn+hYwYDMm+A0OfkF2AqcvlOUvZ0CeMhugRH6H+KTqDN

odIM1s6za+G0n+gnjUgIFayWaq+HNcE1YCYqAetEBloreMjM96NoZ9ZGks0OA2kD

hq7/PiYkVfdNv4p11ciKGiOjvRxh3xu4byJTfGJ0wIOQZH2w7SH5PDh1Nqd/fMIo

5RlPSv4WPHmyZDBuZasDz2o5SVz7Jl7/vxvp/l0sBwwzrIy2oeLYHGFZmIlwWZte

bZPSgZA1nVncbrBck3DRuOsft7AiqNxbiPUDD7+fft2sD2VW6Li/jH4Yss9XW/Dq

Vbflb54yunHqqJOYaCoX2ZFJcRLja83HhpcL49iQ0Bjjz7M3Y7h85aKM+eaA0mef

kjTdgXcl+z+PfGQ6VVFV3P5hHBETtJttf0XO3kj4DR+iCGgN+gpMtl+/6J0/ExFV

XKWp7DL8XfRDCGJQv8DS3jHZim8ANBEZGggIWTCbw5WaW307EIw=

=qxoF

—–END PGP SIGNATURE—–