Supply Chain Products Suite

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-21940 HIGH This Week

Unauthenticated attackers can access sensitive data in Oracle Agile PLM 9.3.6 through an HTTP network request targeting the User and User Group component, potentially exposing all accessible information within the application. This easily exploitable vulnerability requires no user interaction and affects Oracle Supply Chain Products Suite deployments. No patch is currently available.

Oracle Supply Chain Products Suite

NVD

CVSS 3.1

7.5

EPSS

0.1%

CVE-2026-21940

EPSS 0% CVSS 7.5

HIGH This Week

Unauthenticated attackers can access sensitive data in Oracle Agile PLM 9.3.6 through an HTTP network request targeting the User and User Group component, potentially exposing all accessible information within the application. This easily exploitable vulnerability requires no user interaction and affects Oracle Supply Chain Products Suite deployments. No patch is currently available.

Oracle Supply Chain Products Suite

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy