Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as CVE-2026-21992. [...]
Oracle pushes emergency fix for critical Identity Manager RCE flaw
Summary + source link. No paywalls, no tracking.