CVE-2026-21931Corporation Oracle Apex Sample Applications vulnerability

4 documents4 sources
Severity
5.4MEDIUMNVD
EPSS
0.0%
top 91.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Oracle Apex Sample ApplicationsOracle Apex
Timeline
PublishedJan 20
Latest updateJan 21

Description

Vulnerability in the Oracle APEX Sample Applications product of Oracle APEX (component: Brookstrut Sample App). Supported versions that are affected are 23.2.0, 23.2.1, 24.1.0, 24.2.0 and 24.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle APEX Sample Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle APEX Sample Applications, attacks may si

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages2 packages

NVDoracle/apex4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-4f9w-qx2j-3j6q: Vulnerability in the Oracle APEX Sample Applications product of Oracle APEX (component: Brookstrut Sample App)2026-01-21
CVEList
CVE-2026-21931: Vulnerability in the Oracle APEX Sample Applications product of Oracle APEX (component: Brookstrut Sample App)2026-01-20

📋Vendor Advisories

1
Oracle
Oracle Oracle APEX Risk Matrix: Brookstrut Sample App — CVE-2026-219312026-01-15
CVE-2026-21931 — MEDIUM severity | cvebase