Monday , July 13 2026

Oracle Patched 309 Vulnerabilities with 145 Remotely Exploitable Flaw

Oracle’s July 2025 Critical Patch Update was released fixing 309 security vulnerabilities across its products. The update impacts 34 key product families. Oracle Communications has the most patches at 112 vulnerabilities, followed by MySQL with 40 and Oracle Fusion Middleware.

145 remote vulnerabilities could be exploited without authentication, allowing attackers to breach systems without valid credentials.

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the campaign has been observed globally,...
Read More
CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

Breakdown of Vulnerabilities by Products

Oracle’s flagship database products face significant security challenges with this update. The most critical database vulnerability, CVE-2025-30751, carries a CVSS score of 8.8 and affects Oracle Database Server versions 19.3-19.27 and 23.4-23.8.

Oracle Application Express (APEX) users face an even more severe threat with CVE-2025-50067, scoring 9.0 on the CVSS scale.

The vulnerability in the Strategic Planner Starter App could let attackers fully compromise the system with little user interaction.

The Java ecosystem also receives substantial attention with 11 new security patches for Oracle Java SE.

Critical vulnerabilities CVE-2025-50059 (CVSS 8.6) and CVE-2025-30749 (CVSS 8.1) impact networking and 2D components in various Java versions, including Oracle GraalVM.

These flaws could enable remote code execution in Java applications, particularly those running sandboxed applets or Web Start applications.

Oracle’s enterprise middleware stack faces significant security challenges, with WebLogic Server receiving 8 vulnerability patches, including the severe CVE-2025-30762 affecting T3 and IIOP protocols.

Fusion Middleware components contain multiple Apache Commons BeanUtils vulnerabilities (CVE-2025-48734) scoring 8.8, which could lead to remote code execution in enterprise applications.

The MySQL database ecosystem requires immediate attention with 40 security patches addressing various components from server core functionality to clustering mechanisms.

Notable vulnerabilities include CVE-2025-50076 and CVE-2025-50078 affecting DML operations, and optimizer-related flaws that could cause denial-of-service conditions.

The next Critical Patch Update is scheduled for October 21, 2025, followed by quarterly releases in January, April, and July 2026.

Organizations need to implement systematic patch management to tackle ongoing security issues, as Oracle identifies and fixes vulnerabilities in its extensive product range.

Check Also

Tenda

CERT/CC Alerts to Hidden Admin Backdoor in Tenda Router Firmware

Several Tenda firmware versions have a hidden backdoor that lets people gain admin access to …