User Interface Vulnerability in Oracle Financial Services Applications
CVE-2026-34321

4.8MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Financial Services Analytical Applications Infrastructure
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-34321?

A security issue exists within the User Interface of the Oracle Financial Services Analytical Applications Infrastructure, affecting versions 8.0.7.9, 8.0.8.7, and 8.1.2.5. This vulnerability can be exploited by low-privileged attackers with network access via HTTP, requiring interaction from a third party to succeed. If successfully exploited, it may allow unauthorized access to sensitive data, or even full access to all data within the Oracle Financial Services Analytical Applications Infrastructure.

Affected Version(s)

Oracle Financial Services Analytical Applications Infrastructure 8.0.7.9

Oracle Financial Services Analytical Applications Infrastructure 8.0.8.7

Oracle Financial Services Analytical Applications Infrastructure 8.1.2.5

References

https://www.oracle.com/security-alerts/cpuapr2026.html

vendor-advisory

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Mar 26, 2026

CVE-2026-34321 Data

JSON