Vendor security team contributor

Oracle

cited as evidence in 17 · CNA assigner on 42 of 42 known-exploited records. Every aggregate on this page is recomputed from the records listed below — each one already cited to its public source.

oracle.com ↗ · home of the cited advisories

records cited in

deterministic count

finder / reporter credits

CVE.org credits

CVE records catalogued (CNA)

assigner

77%

avg modeled exploit prob.

FIRST EPSS, 42/42

29%

ransomware-associated

12 of 42 · CISA flag

Known for

— recomputed from this contributor’s own records

SurfacesApplication / other (28), Server / web platform (12), Operating system / kernel (2)

WeaknessInjection (8), Authentication (3), Authorization / access control (2), Web / client (1), Path traversal / file (1)

PortfolioOracle (42)

Narrative reach

— how far this contributor’s records carry an attacker, front door → lights out

1Front door

41reach this stage

→

2Keys to the kingdom

41reach this stage

→

3Lateral reach

37reach this stage

→

4Data at risk

6reach this stage

→

5Lights out

3reach this stage

Furthest any of these records carries an attacker: 5 · Lights out. 6 of 41 narrative-framed records reach data-at-risk or lights-out. (furthest-position idiom, reused from the landing map; the stage mapping is a model output over cited evidence.)

Recent highlights

— this contributor’s newest known-exploited records

CVE-2026-35273Oracle8%RWKEV CVE-2024-21182Oracle48%KEV CVE-2025-61757Oracle88%KEV CVE-2025-61884Oracle98%RWKEV CVE-2025-61882Oracle100%RWKEV CVE-2024-20953Oracle3%KEV

Every record they’re cited in

— all 42, each linked to its cited source

This is the evidence behind every number above. Sorted ransomware-first, then by modeled exploit probability.

CVE-2019-2725Oracle100%RWKEV CVE-2017-10271Oracle100%RWKEV CVE-2025-61882Oracle100%RWKEV CVE-2013-2465Oracle99%RWKEV CVE-2022-21587Oracle98%RWKEV CVE-2012-0507Oracle98%RWKEV CVE-2013-0422Oracle98%RWKEV CVE-2025-61884Oracle98%RWKEV CVE-2012-1723Oracle94%RWKEV CVE-2013-0431Oracle90%RWKEV CVE-2012-1710Oracle11%RWKEV CVE-2026-35273Oracle8%RWKEV CVE-2020-14882Oracle100%KEV CVE-2023-21839Oracle100%KEV CVE-2018-2628Oracle99%KEV CVE-2020-14750Oracle99%KEV CVE-2012-3152Oracle99%KEV CVE-2020-14883Oracle98%KEV CVE-2020-14864Oracle97%KEV CVE-2020-2555Oracle97%KEV CVE-2011-3544Oracle97%KEV CVE-2021-35587Oracle96%KEV CVE-2010-0840Oracle96%KEV CVE-2015-4852Oracle96%KEV CVE-2017-3506Oracle96%KEV CVE-2020-2883Oracle95%KEV CVE-2020-14644Oracle95%KEV CVE-2020-2551Oracle93%KEV CVE-2016-3427Oracle92%KEV CVE-2019-2616Oracle92%KEV CVE-2012-5076Oracle91%KEV CVE-2025-61757Oracle88%KEV CVE-2013-2423Oracle85%KEV CVE-2020-14871Oracle80%KEV CVE-2022-21445Oracle62%KEV CVE-2024-21182Oracle48%KEV CVE-2015-2590Oracle26%KEV CVE-2019-3010Oracle14%KEV CVE-2015-4902Oracle13%KEV CVE-2012-0518Oracle5%KEV CVE-2024-20953Oracle3%KEV CVE-2024-21287Oracle1%KEV

Coverage & confidence

— what this profile claims, and what it does not

Established (cited)

Cited in 42 known-exploited records — the list below; every one links to its public source.

Catalogued 42 CVE record(s) as the CNA assigner (from CVE.org).

Coverage gaps — stated, not hidden

This profile is an aggregation: it asserts only what the listed records already cite — no new external claim about the contributor is made.

The TYPE badge and the narrative-stage mapping are editorial (our call), labeled as such, not a sourced fact.