CVE-2026-21997

Published: Apr 21, 2026 Last Modified: Mag 01, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,5

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: changed

Confidentiality: low

Integrity: high

Availability: none

Description

AI Translation Available

Vulnerability in the Oracle Life Sciences Empirica Signal product of Oracle Life Science Applications (component: Common Core). Supported versions that are affected are 9.2.1-9.2.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Life Sciences Empirica Signal. While the vulnerability is in Oracle Life Sciences Empirica Signal, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Life Sciences Empirica Signal accessible data as well as unauthorized read access to a subset of Oracle Life Sciences Empirica Signal accessible data. CVSS 3.1 Base Score 8.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N).

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0002

Percentile

0,1th

Updated

EPSS Score Trend (Last 4 Days)

284

Improper Access Control

Incomplete

Abstraction: Pillar Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

Technologies: ICS/OT, Not Technology-Specific, Web Based

View CWE Details

Application

Life Sciences Empirica Signal by Oracle

Product Information

Vendor Oracle

Product Life Sciences Empirica Signal

Version Range Affected

From 9.2.1 (inclusive)

To 9.2.3 (inclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:oracle:life_sciences_empirica_signal:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.oracle.com/security-alerts/cpuapr2026.html

CVE-2026-21997

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 4 Days)

Improper Access Control

Common Consequences

Applicable Platforms

Life Sciences Empirica Signal by Oracle

Product Information

Iscriviti alla newsletter