Description
Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise WebLogic Server. Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Published: 2026-06-16
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A vulnerability in Oracle WebLogic Server allows an unauthenticated attacker with network access via TCP to compromise the server, potentially resulting in full takeover and compromising confidentiality, integrity, and availability. This is a CWE‑502 Unserialize Untrusted Data flaw. The CVSS 3.1 score of 9.8 and vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H reflect the severity.

Affected Systems

Oracle WebLogic Server versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0 within Oracle Fusion Middleware (Core component) are affected.

Risk and Exploitability

The high CVSS score indicates severe impact, while the EPSS score of less than 1% suggests a low yet nonzero probability of exploitation in the wild. The vulnerability is not listed in CISA’s KEV catalog. An attacker with network access over TCP can exploit the flaw without authentication, making it easily exploitable and posing a significant risk to environments where WebLogic Server is exposed.

Generated by OpenCVE AI on June 18, 2026 at 12:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Oracle WebLogic Server patch or migrate to a non‑affected release
  • Limit inbound TCP connections to the WebLogic ports using firewall rules or network segmentation
  • Regularly monitor logs for suspicious activity related to WebLogic Server

Generated by OpenCVE AI on June 18, 2026 at 12:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Title Remote Code Execution via Network Vulnerability in Oracle WebLogic Server

Wed, 17 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-502
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
Description Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise WebLogic Server. Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
First Time appeared Oracle
Oracle weblogic Server
CPEs cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:15.1.1.0.0:*:*:*:*:*:*:*
Vendors & Products Oracle
Oracle weblogic Server
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Subscriptions

Oracle Weblogic Server
cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published:

Updated: 2026-06-18T03:57:28.982Z

Reserved: 2026-04-01T20:03:40.836Z

Link: CVE-2026-35300

cve-icon Vulnrichment

Updated: 2026-06-17T13:10:43.696Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T13:00:16Z

Weaknesses
  • CWE-502

    Deserialization of Untrusted Data