CVE-2026-34279 — Vulnetix

CVE-2026-34279 PUBLISHED CVSS 9.100000381469727 CRITICAL

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Enterprise Manager Base Platform. While the vulnerability is in Oracle Enterprise Manager Base Platform, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Enterprise Manager Base Platform. CVSS 3.1 Base Score 9.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Risk Scores

CVSS v3.1

9.100000381469727

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Oracle Corporation	Oracle Enterprise Manager Base Platform	13.5, 24.1
oracle	enterprise_manager_base_platform

Timeline

Apr 21, 2026 CVE Published
Apr 22, 2026 Security Advisory
Apr 22, 2026 CVE Updated

References

Oracle Advisory vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-34279 advisory

Open in Interactive Console →