Web Services Manager

Oracle issued an out-of-schedule patch for CVE-2026-21992, a critical unauthenticated remote code execution flaw in Identity Manager and Web Services Manager with a CVSS score of 9.8. Customers are urged to patch immediately.