Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Net Service. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
AnalysisAI
Remote denial-of-service in Oracle Database Server's Net Service component (versions 23.4.0 through 23.26.2) allows unauthenticated attackers with TLS network access to hang or repeatedly crash the listener, producing a complete DoS of database connectivity. The flaw is rated CVSS 7.5 (availability-only) and was disclosed by Oracle in the May 2026 Critical Patch Update; no public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.
Technical ContextAI
Oracle Net Services is the connectivity layer that brokers client/server sessions to the Oracle Database (typically via the TNS Listener on port 1521 or TLS-enabled equivalents such as 2484). The affected CPE is cpe:2.3:a:oracle_corporation:oracle_database_server, scoped to the 23c release line (23.4.0-23.26.2). No CWE was assigned by Oracle, but the symptom - a remotely triggered hang or repeatable crash reached over TLS without authentication - is consistent with an unhandled exception or resource-exhaustion class defect in the TLS handshake or TNS protocol parsing prior to session authentication, since exploitation does not require valid credentials.
RemediationAI
Apply the fixes shipped in the Oracle Critical Patch Update of May 2026 (https://www.oracle.com/security-alerts/cspumay2026.html); patch availability is confirmed by the vendor advisory but an exact post-fix build number is not provided in this input, so consult the CPU matrix for the precise RU/RUR that supersedes 23.26.2 in your environment. As a compensating control until patching, restrict TCP/IP reachability of the TNS listener (default 1521 and any TCPS/TLS port such as 2484) to known application tiers via firewall or Oracle Connection Manager / valnode (TCP.VALIDNODE_CHECKING with TCP.INVITED_NODES) - the trade-off is operational overhead and the risk of breaking ad-hoc DBA tooling. Where TLS is not strictly required, temporarily disabling the TCPS endpoint removes the specific attack path described but obviously eliminates encrypted client connectivity. Monitor listener.log and alert.log for repeated abnormal disconnects or listener restarts as a detection signal.
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33014
GHSA-2qv6-qqvc-2gcp