CVE-2026-35312 – Oracle Virtual Directory
CVSS 9.8
CRITICAL
Critical or Zero Day – Immediate Deployment
“A critical directory vulnerability can undermine the systems that connect users, applications, and data.”
This patch addresses CVE-2026-35312 in Oracle Virtual Directory. The vulnerability affects Oracle's directory virtualization platform, which is commonly used to aggregate, manage, and present identity information from multiple directory sources across enterprise environments.
CVE-2026-35312 has a CVSS score of 9.8, which is Critical severity.
No verified exploitation has been reported. The Critical severity rating makes this a high-priority update for organizations that rely on Oracle Virtual Directory to support authentication, identity management, and directory integration services.
Key Details
- Affected Product
- Oracle Virtual Directory
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-284
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.