Oracle

Security Scorecard

Score

34F

Total CVEs

118

Patch Rate

48%

56 patched

Avg Response

10317d

days to patch

Critical Gaps

4

exploitable, no detection

Severity Breakdown

Critical2

High31

Medium73

Low2

Patch Status

Patched56 (47%)

Partial/Workaround0 (0%)

Unpatched62 (53%)

CVEs (118)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2026-21936	MySQL Server InnoDB Vulnerability	Medium	4.9	-	Patched
CVE-2026-21937	MySQL Server Remote DDL Vulnerability	Medium	4.9	-	Patched
CVE-2026-21938	Oracle PeopleSoft Enterprise PeopleTools Portal Vulnerability	Medium	6.1	-	Patched
CVE-2026-21939	SQLcl SQL Injection Vulnerability	High	7.0	-	Patched
CVE-2026-21941	MySQL Server Optimizer Vulnerability	Medium	4.9	-	Patched
CVE-2026-21943	Oracle Scripting Admin Bypass Vulnerability	Medium	6.1	-	Patched
CVE-2026-21944	Oracle Agile Product Lifecycle Management for Process Vulnerability	Medium	6.5	-	Patched
CVE-2026-21945	Oracle Java SE and GraalVM Vulnerability	High	7.5	-	Patched
CVE-2026-21946	JD Edwards EnterpriseOne Tools Web Runtime SEC Vulnerability	Medium	6.1	-	Patched
CVE-2026-21948	MySQL Server Optimizer Vulnerability	Medium	4.9	-	Patched