VDB
GCVE-110-NCSC-2026-202
GCVE-110-NCSC-2026-202
Advisory PublishedCVSS 7.5/10
Apache Log4j's JsonTemplateLayout up to version 2.25.3 improperly serializes non-finite floating-point values, producing invalid JSON that can disrupt log processing, while Oracle Enterprise Manager Base Platform versions 13.5 and 24.1 have a critical vulnerability allowing unauthenticated data modification.
Weaknesses (CWE)
CWE-116Improper Encoding or Escaping of Output
Risk Scores
CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Oracle | vers:unknown/* | — | — |
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.