Unauthorized Data Access in Oracle Financial Services Customer Screening
CVE-2026-34320

7.5HIGH

Key Information:

Vendor: Oracle
Status: Oracle Financial Services Customer Screening
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-34320?

A vulnerability exists in the Oracle Financial Services Customer Screening product within the User Interface component. This issue allows an unauthenticated attacker with network access via HTTP to exploit the system, potentially leading to unauthorized access to sensitive data. Successful exploitation can grant attackers complete access to all data within the Oracle Financial Services Customer Screening application, posing significant risks to data confidentiality. Organizations using version 8.1.2.8.0 are urged to take immediate action to mitigate this threat.

Affected Version(s)

Oracle Financial Services Customer Screening 8.1.2.8.0

References

https://www.oracle.com/security-alerts/cpuapr2026.html

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Mar 26, 2026

CVE-2026-34320 Data

JSON