CVE-2026-35258: Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise WebLogic Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in WebLogic Server, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all WebLogic Server acce
CVE-2026-35258 is a high-severity vulnerability in Oracle WebLogic Server versions 14.1.2.0.0 and 15.1.1.0.0 affecting the Console component. It allows a low privileged attacker with network access via HTTPS to compromise the server, requiring user interaction from a third party. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data and full access to all data accessible by WebLogic Server. The vulnerability has a CVSS 3.1 base score of 8.7, indicating significant confidentiality and integrity impacts. Oracle has released a Critical Security Patch Update addressing this and many other vulnerabilities. Customers are strongly advised to apply the patches promptly to mitigate risk. Until patched, risk reduction may be possible by blocking required network protocols or limiting privileges, though these may impact functionality.
AI Analysis
Technical Summary
CVE-2026-35258 is a vulnerability in the Console component of Oracle WebLogic Server (versions 14.1.2.0.0 and 15.1.1.0.0) that allows a low privileged attacker with network access over HTTPS to compromise the server. Exploitation requires user interaction from someone other than the attacker and can result in unauthorized creation, deletion, or modification of critical data, as well as complete access to all data accessible by WebLogic Server. The vulnerability affects confidentiality and integrity but not availability, with a CVSS 3.1 score of 8.7. Oracle has included a fix for this vulnerability in its June 2026 Critical Security Patch Update. The vendor strongly recommends applying the patch immediately and notes that mitigating actions such as blocking attack-required protocols or removing unnecessary privileges may reduce risk temporarily but could disrupt application functionality.
Potential Impact
Successful exploitation of this vulnerability can lead to unauthorized creation, deletion, or modification of critical data within WebLogic Server, as well as unauthorized access to all data accessible by the server. This impacts confidentiality and integrity of the system and data but does not affect availability. The vulnerability requires network access via HTTPS and user interaction from a third party, expanding the attack surface. The scope of impact may extend beyond WebLogic Server to additional products due to the interconnected nature of Oracle Fusion Middleware components.
Mitigation Recommendations
Oracle has released a Critical Security Patch Update in June 2026 that addresses this vulnerability. Customers are strongly advised to apply the security patches without delay to remediate the issue. Until patches are applied, risk may be reduced by blocking network protocols required for exploitation and by removing unnecessary privileges or access to vulnerable packages from users who do not need them. However, these mitigations may disrupt normal application functionality. Oracle recommends remaining on actively supported versions and promptly applying all relevant patches as the primary mitigation.
CVE-2026-35258: Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise WebLogic Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in WebLogic Server, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all WebLogic Server acce
Description
CVE-2026-35258 is a high-severity vulnerability in Oracle WebLogic Server versions 14.1.2.0.0 and 15.1.1.0.0 affecting the Console component. It allows a low privileged attacker with network access via HTTPS to compromise the server, requiring user interaction from a third party. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data and full access to all data accessible by WebLogic Server. The vulnerability has a CVSS 3.1 base score of 8.7, indicating significant confidentiality and integrity impacts. Oracle has released a Critical Security Patch Update addressing this and many other vulnerabilities. Customers are strongly advised to apply the patches promptly to mitigate risk. Until patched, risk reduction may be possible by blocking required network protocols or limiting privileges, though these may impact functionality.
CVSS v3.1
Score 8.7high
Affected software
pkg:maven/com.oracle.weblogic/weblogic-serverRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-35258 is a vulnerability in the Console component of Oracle WebLogic Server (versions 14.1.2.0.0 and 15.1.1.0.0) that allows a low privileged attacker with network access over HTTPS to compromise the server. Exploitation requires user interaction from someone other than the attacker and can result in unauthorized creation, deletion, or modification of critical data, as well as complete access to all data accessible by WebLogic Server. The vulnerability affects confidentiality and integrity but not availability, with a CVSS 3.1 score of 8.7. Oracle has included a fix for this vulnerability in its June 2026 Critical Security Patch Update. The vendor strongly recommends applying the patch immediately and notes that mitigating actions such as blocking attack-required protocols or removing unnecessary privileges may reduce risk temporarily but could disrupt application functionality.
Potential Impact
Successful exploitation of this vulnerability can lead to unauthorized creation, deletion, or modification of critical data within WebLogic Server, as well as unauthorized access to all data accessible by the server. This impacts confidentiality and integrity of the system and data but does not affect availability. The vulnerability requires network access via HTTPS and user interaction from a third party, expanding the attack surface. The scope of impact may extend beyond WebLogic Server to additional products due to the interconnected nature of Oracle Fusion Middleware components.
Mitigation Recommendations
Oracle has released a Critical Security Patch Update in June 2026 that addresses this vulnerability. Customers are strongly advised to apply the security patches without delay to remediate the issue. Until patches are applied, risk may be reduced by blocking network protocols required for exploitation and by removing unnecessary privileges or access to vulnerable packages from users who do not need them. However, these mitigations may disrupt normal application functionality. Oracle recommends remaining on actively supported versions and promptly applying all relevant patches as the primary mitigation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- oracle
- Date Reserved
- 2026-04-01T20:03:40.834Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","vendor":"Oracle"}]
Threat ID: 6a31b5f10b89be68882652be
Added to database: 6/16/2026, 8:45:37 PM
Last enriched: 6/17/2026, 12:15:59 AM
Last updated: 6/17/2026, 5:03:40 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.