VDB
GCVE-110-NCSC-2026-27
GCVE-110-NCSC-2026-27
Advisory PublishedCVSS 10.0/10
Multiple vulnerabilities across Apache Log4j, Oracle products, and various dependencies expose systems to denial-of-service and remote code execution risks, necessitating updates to secure versions.
Weaknesses (CWE)
CWE-674Uncontrolled RecursionCWE-404Improper Resource Shutdown or ReleaseCWE-20Improper Input ValidationCWE-918Server-Side Request Forgery (SSRF)CWE-150Improper Neutralization of Escape, Meta, or Control SequencesCWE-400Uncontrolled Resource ConsumptionCWE-787Out-of-bounds WriteCWE-611Improper Restriction of XML External Entity ReferenceCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-284Improper Access ControlCWE-209Generation of Error Message Containing Sensitive InformationCWE-289Authentication Bypass by Alternate NameCWE-285Improper AuthorizationCWE-476NULL Pointer DereferenceCWE-770Allocation of Resources Without Limits or ThrottlingCWE-125Out-of-bounds ReadCWE-252Unchecked Return ValueCWE-457Use of Uninitialized Variable
Risk Scores
CVSS 3.0
10.0/10
Critical · CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Oracle | vers:unknown/* | — | — |
Aliases
CVE-2021-45105CVE-2022-41342CVE-2024-13009CVE-2024-42516CVE-2024-43204CVE-2024-47252CVE-2024-47554CVE-2024-56406CVE-2025-12383CVE-2025-23048CVE-2025-26333CVE-2025-31672CVE-2025-41248CVE-2025-41249CVE-2025-43967CVE-2025-48924CVE-2025-48976CVE-2025-4949CVE-2025-49796CVE-2025-5115CVE-2025-53864CVE-2025-54571CVE-2025-54874CVE-2025-54988CVE-2025-55163CVE-2025-59375CVE-2025-66516CVE-2026-21962
Browse GCVE Records
72,921 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.