WebLogic Server Vulnerability in Oracle Fusion Middleware
CVE-2026-35258
8.7HIGH
What is CVE-2026-35258?
A vulnerability exists in Oracle WebLogic Server that could allow an attacker with low privileges and network access via HTTPS to compromise the server. This vulnerability requires interaction from a user other than the attacker, which increases the complexity of exploitation. Successful exploitation could result in unauthorized actions such as creating, deleting, or modifying critical data accessible through WebLogic Server. Given that the vulnerability resides in WebLogic Server, attackers may use it to impact additional Oracle products, necessitating urgent attention from users of affected versions 14.1.2.0.0 and 15.1.1.0.0.
Affected Version(s)
WebLogic Server 14.1.2.0.0
WebLogic Server 15.1.1.0.0