Cyber Security News

Oracle Patches 450 Vulnerabilities With April 2026 CPU

CybersecurityNews
Oracle Patches 450 Vulnerabilities With April 2026 CPU
Oracle released 481 security patches in its April 2026 Critical Patch Update covering 28 product families, addressing roughly 450 unique CVEs with more than 300 vulnerabilities that are remotely exploitable without authentication. The update heavily impacted Oracle Communications, Financial Services Applications, and Fusion Middleware, and follows an emergency fix for CVE-2026-21992 in Identity Manager and Web Services Manager. #OracleCommunications #CVE202621992

Keypoints

  • Oracle issued 481 patches across 28 product families in the April 2026 CPU.
  • More than 300 fixes address remotely exploitable vulnerabilities that do not require authentication.
  • Oracle Communications received the most fixes (139), followed by Financial Services Applications (75) and Fusion Middleware (59).
  • Approximately 390 of the resolved vulnerabilities were publicly disclosed within the past two years, with a few dating back to 2020–2021.
  • An emergency patch for CVE-2026-21992 was released a month earlier for Identity Manager and Web Services Manager.

Read More: https://www.securityweek.com/oracle-patches-450-vulnerabilities-with-april-2026-cpu/