CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed ...
The Hacker News

Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation

CVE-2024-21182 entered CISA's KEV catalog after active exploitation evidence, requiring federal patching by June 4, 2026.
CSO Online

Two-year old Oracle WebLogic Server vulnerability is being exploited

Its inclusion in the US CISA catalog of known exploited vulnerabilities is a warning to admins that patching is needed now.
SecurityWeek

Oracle WebLogic Vulnerability Exploited in the Wild

CISA is warning organizations that an Oracle WebLogic vulnerability patched nearly two years ago is being exploited in the ...
ZDNet

Recent Oracle WebLogic zero-day used to infect servers with ransomware

A recently discovered zero-day vulnerability has been abused for over a week to infect Oracle WebLogic servers with at least two strands of ransomware, security researchers from Cisco Talos have told ...
ZDNet

New Oracle WebLogic zero-day discovered in the wild

Security researchers have spotted a new zero-day vulnerability impacting the Oracle WebLogic server that is currently being targeted in the wild. Oracle has been notified of the zero-day, but the ...
Infosecurity-magazine.com

Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds

A critical Oracle WebLogic vulnerability was weaponized almost immediately after public exploit code became available, according to a new honeypot-based analysis covering attack activity between ...