Vulnerability in Oracle Java SE and GraalVM Products

CVE-2025-21587

Summary

This vulnerability in Oracle Java SE and GraalVM components allows attackers to exploit unauthenticated network access, potentially leading to unauthorized control over critical data. Attackers can manipulate Java environments, particularly those using sandboxed applications, enabling them to create, delete, or modify sensitive information. The vulnerability is particularly concerning for deployments running untrusted code via APIs, which may expose critical weaknesses across multiple protocols.

References