VDB

GCVE-110-NCSC-2026-29

GCVE-110-NCSC-2026-29
Advisory PublishedCVSS 8.1/10
Vulnetix · Advisory published January 21, 2026
Multiple vulnerabilities across Oracle JD Edwards, Documaker, Outside In Technology, and Communications Operations Monitor, as well as FreeType, expose systems to significant risks including unauthorized access and arbitrary code execution.

Weaknesses (CWE)

CWE-787Out-of-bounds WriteCWE-476NULL Pointer DereferenceCWE-674Uncontrolled RecursionCWE-125Out-of-bounds Read

Risk Scores

CVSS 3.1
8.1/10
High · CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C/CR:H/IR:H/AR:H/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H

Affected Products

VendorProductVersionsPlatforms
Oraclevers:unknown/*

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,685 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›