CVE-2026-21994CRITICAL 9.8EPSS p35.6%

CVE-2026-21994CVE-2026-21994

Description

Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit product of Oracle Open Source Projects (component: Desktop). The supported version that is affected is 0.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit. Successful attacks of this vulnerability can result in takeover of Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.45% probability of exploitation · percentile 35.6% · 2026-06-19T12:03:05Z
Published2026-03-17
Last modified2026-04-02

Underlying weaknesses· 1

CWE-284

References

  1. https://www.oracle.com/security-alerts/all-oracle-cves-outside-other-oracle-public-documents.html

1

TypeTargetConfidenceTier
WeaknessImproper Access Controlcwe-2840%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-21969
CVE
CVE-2025-21524
CVE
CVE-2026-21992
CVE
CVE-2026-21997
CVE
CVE-2026-21962
CVE
CVE-2026-21988
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.