Oracle Web Services Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Web Services Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-21992 — CVSS 9.8 (critical): Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) and Oracle Web Services…
CVE-2022-21497 — CVSS 8.1 (high): Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware (component: Web Services Security). Supported versions…
CVE-2023-21862 — CVSS 8.1 (high): Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware (component: XML Security component). The supported…