Skip to main content

Oracle Data Integrator

1 CVEs product

Monthly

CVE-2026-35262 HIGH This Week

Authenticated tampering and data exposure in Oracle Data Integrator 12.2.1.4.0 and 14.1.2.0.0 (Market Place component) allows a low-privileged attacker with HTTP network access to read, modify, or delete all data accessible to the product and induce a partial denial of service. Oracle assigns a CVSS 3.1 base score of 8.3 (AV:N/AC:L/PR:L/UI:N/C:H/I:H/A:L), and no public exploit identified at time of analysis. The flaw is described by Oracle as easily exploitable, raising the priority for any externally reachable ODI deployment.

Authentication Bypass Denial Of Service Oracle Oracle Data Integrator
NVD
CVSS 3.1
8.3
EPSS
0.4%
EPSS 0% CVSS 8.3
HIGH This Week

Authenticated tampering and data exposure in Oracle Data Integrator 12.2.1.4.0 and 14.1.2.0.0 (Market Place component) allows a low-privileged attacker with HTTP network access to read, modify, or delete all data accessible to the product and induce a partial denial of service. Oracle assigns a CVSS 3.1 base score of 8.3 (AV:N/AC:L/PR:L/UI:N/C:H/I:H/A:L), and no public exploit identified at time of analysis. The flaw is described by Oracle as easily exploitable, raising the priority for any externally reachable ODI deployment.

Authentication Bypass Denial Of Service Oracle +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy