top of page
ALL POSTS
Drupal Emergency Security Update Alert: May 20 Critical Patch Required for All Sites
Key Findings Drupal Security Team releasing emergency core security update May 20, 5-9 p.m. UTC across all supported branches Vulnerability is severe enough that exploits could be developed within hours or days of patch release Update affects Drupal 11.3.x, 11.2.x, 10.6.x, and 10.5.x with best-effort patches for 11.1.x and 10.4.x End-of-life versions (Drupal 8 and 9) receiving manual patch files only, with no guarantees Drupal 7 is not affected by this vulnerability Backgroun
May 192 min read
Oracle Releases Emergency Patch for Critical RCE Vulnerability CVE-2026-21992 in Identity Manager
Key Findings Oracle released an emergency patch for CVE-2026-21992, a critical remote code execution vulnerability in Identity Manager and Web Services Manager The flaw has a CVSS score of 9.8 and requires no authentication, allowing attackers to execute code over HTTP Affected versions are Identity Manager 12.2.1.4.0 and 14.1.2.1.0, plus Web Services Manager versions 12.2.1.4.0 and 14.1.2.1.0 Oracle classified the vulnerability as "easily exploitable" with low complexity No
Mar 222 min read
bottom of page
