Cyber Resilience

CVE-2026-34305

High

Published: 21 April 2026

Published
21 April 2026
Modified
24 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0005 16.8th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-34305 is a high-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in Oracle Weblogic Server. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 16.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-34305 is a vulnerability in the Web Services component of Oracle WebLogic Server, which is part of Oracle Fusion Middleware. The supported versions affected by this issue are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0. Classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), it carries a CVSS 3.1 base score of 7.5 with the vector (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact but no integrity or availability effects.

An unauthenticated attacker with network access via HTTP can easily exploit this vulnerability to compromise Oracle WebLogic Server. Successful attacks enable unauthorized access to critical data or complete access to all data accessible by the server.

Oracle's security advisory, published as part of the April 2026 Critical Patch Update at https://www.oracle.com/security-alerts/cpuapr2026.html, provides further details on mitigation and patching.

EU & UK References

Vulnerability details

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic…

more

Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability allows unauthenticated remote attackers to exploit a public-facing Web Services component in Oracle WebLogic Server via HTTP to access sensitive/critical data, directly enabling T1190 (Exploit Public-Facing Application) for initial access and data exposure.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-21535Same product: Oracle Weblogic Server
CVE-2025-21549Same product: Oracle Weblogic Server
CVE-2026-34297Same vendor: Oracle
CVE-2026-34292Same product: Oracle Weblogic Server
CVE-2026-21940Same vendor: Oracle
CVE-2026-22016Same vendor: Oracle
CVE-2026-46839Same vendor: Oracle
CVE-2025-21515Same vendor: Oracle
CVE-2025-30743Same vendor: Oracle
CVE-2026-46775Same vendor: Oracle

Affected Assets

oracle
weblogic server
12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, 15.1.1.0.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely remediation of identified flaws like CVE-2026-34305 in Oracle WebLogic Server Web Services to prevent unauthorized data access.

detect

Mandates vulnerability scanning to identify CVE-2026-34305 in affected WebLogic versions, enabling proactive patching.

prevent

Monitors and controls communications at system boundaries to restrict network access via HTTP to the vulnerable Web Services component.

References