Vulnerability in Oracle Financial Services Analytical Applications Infrastructure Product
CVE-2026-34325

6.8MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Financial Services Analytical Applications Infrastructure
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-34325?

A vulnerability exists in Oracle Financial Services Analytical Applications Infrastructure that could allow a low privileged attacker with logon access to compromise the application. This exploitable vulnerability requires human interaction from an unsuspecting user, which could lead to unauthorized access to sensitive information. Attackers may gain full access to all data within the application, enabling them to manipulate or delete records. Additionally, the vulnerability poses risks of causing system crashes, leading to denial-of-service conditions. Organizations using affected versions should take immediate action to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Oracle Financial Services Analytical Applications Infrastructure 8.0.7.9

Oracle Financial Services Analytical Applications Infrastructure 8.0.8.7

Oracle Financial Services Analytical Applications Infrastructure 8.1.2.5

References

https://www.oracle.com/security-alerts/cpuapr2026.html

vendor-advisory

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Mar 26, 2026

CVE-2026-34325 Data

JSON