Workflow

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-21959 MEDIUM PATCH This Month

Unauthorized data disclosure in Oracle Workflow Loader (versions 12.2.3-12.2.15) allows high-privileged attackers with network access to extract sensitive information from the Oracle E-Business Suite environment. The vulnerability requires administrator-level credentials and HTTP connectivity but can result in complete exposure of workflow-accessible data. A patch is available to remediate this confidentiality issue.

Oracle Workflow
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2025-21541 MEDIUM This Month

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Admin Screens and Grants UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Workflow
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-21959
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Unauthorized data disclosure in Oracle Workflow Loader (versions 12.2.3-12.2.15) allows high-privileged attackers with network access to extract sensitive information from the Oracle E-Business Suite environment. The vulnerability requires administrator-level credentials and HTTP connectivity but can result in complete exposure of workflow-accessible data. A patch is available to remediate this confidentiality issue.

Oracle Workflow
NVD
CVE-2025-21541
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Admin Screens and Grants UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Workflow
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy