Oracle has announced the release of updates for its products as part of the Critical Patch Update, with the goal of addressing critical issues and vulnerabilities. The latest update, released in July, addressed a total of 309 vulnerabilities.
One of the key areas of focus in this update is Java SE, where a total of 9 security vulnerabilities have been identified. These vulnerabilities can be exploited remotely without authentication and pose a significant risk to systems that allow the execution of untrusted code. The most severe vulnerabilities in Java SE have been rated at hazard levels ranging from 8.6 to 7.5, impacting network functions, 2D, Libxml2, and LibxSlt. The vulnerabilities have been addressed in versions 24.0.2, 21.0.0.16, 11.0.28, and 8u461.
In the MySQL server, a total of 30 vulnerabilities have been identified, with one being remotely exploitable if there is access to send requests to the DBMS. The most critical vulnerabilities, rated at danger level 6.5, are associated with vulnerabilities in DML and the optimizer. Less severe vulnerabilities affect Innodb, optimizer, stored procedures, LDAP AUTH, and the replication system. These issues are addressed in versions MySQL Community Server 9.4.0, 8.4.6, and 8.0.43.
Within VirtualBox, 7 vulnerabilities have been identified, with 3 of them considered dangerous with a rating of 8.2 out of 10. These vulnerabilities, including CVE-2025-53024, CVE-2025-53027, and