WebLogic Server Vulnerability in Oracle Fusion Middleware Products
CVE-2026-35298
9.1CRITICAL
What is CVE-2026-35298?
A vulnerability exists in Oracle's WebLogic Server found within the Fusion Middleware suite, enabling attackers with high privileges and network access via HTTP to potentially compromise the server. This allows for unauthorized access and manipulation of the server, which could lead to significant security risks not only within WebLogic Server but also across integrated products. Supported versions that may be affected include 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0.
Affected Version(s)
WebLogic Server 12.2.1.4.0
WebLogic Server 14.1.1.0.0
WebLogic Server 14.1.2.0.0