Oracle Database Java Vm
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Oracle Database Java Vm.
By the Year
In 2026 there have been 1 vulnerability in Oracle Database Java Vm with an average score of 4.5 out of ten. Last year, in 2025 Database Java Vm had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Database Java Vm in 2026 could surpass last years number. Last year, the average CVE base score was greater by 1.40
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 4.50 |
| 2025 | 1 | 5.90 |
It may take a day or so for new Database Java Vm vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Oracle Database Java Vm Security Vulnerabilities
Oracle Java VM DoS via Authenticated User in DB Server 19.321.20
CVE-2026-21975
4.5 - Medium
- January 20, 2026
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java VM. CVSS 3.1 Base Score 4.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H).
Improper Resource Shutdown or Release
Unauth Java VM Exploit in Oracle DB Server 19c-23c
CVE-2025-61881
5.9 - Medium
- October 21, 2025
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
Authorization
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oracle Database Java Vm or by Oracle? Click the Watch button to subscribe.
