Oracle security advisory (AV26-261)

Serial number: AV26-261
Date: March 20, 2026

On March 19, 2026, Oracle published a security advisory to address a critical vulnerability in the following products:

• Oracle Identity Manager – versions 12.2.1.4.0 and 14.1.2.1.0
• Oracle Web Services Manager – versions 12.2.1.4.0 and 14.1.2.1.0

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• Oracle Security Alert Advisory - CVE-2026-21992
• Oracle Critical Patch Updates, Security Alerts and Bulletins