CVE-2026-35254

Published: Mag 06, 2026 Last Modified: Mag 06, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,1

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: required

Scope: unchanged

Confidentiality: none

Integrity: high

Availability: low

Description

AI Translation Available

Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in Oracle OCI CLI allowing users to place imported files outside the intended directory.

https://www.oracle.com/security-alerts/all-oracle-cves-outs…

https://www.oracle.com/security-alerts/all-oracle-cves-outside-other-oracle-pub…

CVE-2026-35254

Description

Iscriviti alla newsletter