OSA-37735469 — Vulnetix

OSA-37735469 PUBLISHED CVSS 8.100000381469727 HIGH

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Install (FreeType)). The supported version that is affected is 11.2.23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. Successful attacks of this vulnerability can result in takeover of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

Risk Scores

CVSS v3.1

8.100000381469727

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

Jan 20, 2026 CVE Published

References

Oracle CPU cpujan2026 — CVE-2025-27363 advisory

Open in Interactive Console →