CVE-2026-35314 – Oracle Access Manager
CVSS 7.3
IMPORTANT
Critical or Zero Day – Immediate Deployment
“Access management weaknesses can put the front door of the enterprise at risk.”
This patch addresses two vulnerabilities in Oracle Access Manager. The update covers CVE-2026-35313 and CVE-2026-35314, affecting a core identity and access control platform used to manage authentication and application access across enterprise environments.
CVE-2026-35313 has a CVSS score of 9.9, which is Critical severity. CVE-2026-35314 has a CVSS score of 7.3, which is High severity.
No verified exploitation has been reported. The Critical severity rating makes this a high-priority update for organizations using Oracle Access Manager, especially where the platform protects business-critical applications and identity workflows.
Key Details
- Affected Product
- Oracle Access Manager
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-284
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.