Vulnerability in Oracle Fusion Middleware's WebLogic Server Console
CVE-2026-35291
6.6MEDIUM
What is CVE-2026-35291?
A security flaw exists in the Oracle Fusion Middleware WebLogic Server Console, allowing an attacker with high privileges and network access via HTTP to compromise the server. This vulnerability can lead to complete takeover of the WebLogic Server, posing significant risks to confidentiality, integrity, and availability of the system. Users of the affected versions (14.1.2.0.0 and 15.1.1.0.0) should take immediate action to mitigate potential threats.
Affected Version(s)
WebLogic Server 14.1.2.0.0
WebLogic Server 15.1.1.0.0