CVE-2026-34297

Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component: Knowledge Integration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HCM Common Architecture. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle HCM Common Architecture accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:hcm_common_architecture:*:*:*:*:*:*:*:*

History

23 Apr 2026, 18:10

Type Values Removed Values Added
First Time Oracle hcm Common Architecture
Oracle
References () https://www.oracle.com/security-alerts/cpuapr2026.html - () https://www.oracle.com/security-alerts/cpuapr2026.html - Vendor Advisory
CPE cpe:2.3:a:oracle:hcm_common_architecture:*:*:*:*:*:*:*:*

22 Apr 2026, 14:16

Type Values Removed Values Added
CWE CWE-200

21 Apr 2026, 21:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-04-21 21:16

Updated : 2026-06-17 10:38


NVD link : CVE-2026-34297

Mitre link : CVE-2026-34297

CVE.ORG link : CVE-2026-34297


JSON object : View

Products Affected

oracle

  • hcm_common_architecture
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor