Oracle has recently released a Critical Patch Update for its products to address critical issues and vulnerabilities. The June update addressed a total of 245 vulnerabilities.
Some of the key issues resolved in the update include:
- One vulnerability was identified in the server MySQL, which could be exploited remotely without authentication. The severity level of this issue is rated at 7.5 out of 10. The vulnerability has been fixed in the latest releases of MySQL Community Server 9.7.1 and 8.4.10.
- Ten vulnerabilities were discovered in VirtualBox, three of which were classified as dangerous with a severity rating of 7.5 out of 10. The vulnerabilities were related to problems in the implementation of VVM, shared directories, and the VMSVGA device. These issues have been resolved in the latest release of VirtualBox 7.2.10.
- Three vulnerabilities were found in Solaris, with one issue (CVE-2026-46978) being rated as critical (10 out of 10). This vulnerability, present in the Remote Administration Daemon, could allow remote attackers to gain administrator rights by sending a specially crafted request over HTTPS. The less severe vulnerabilities in Solaris affect the file system (with a danger rating of 7.1 out of 10) and standard libraries (4.4 out of 10). The vulnerabilities have been fixed in the Solaris 11.4 SRU93 update.
- No issues were reported for Java SE in the update, and therefore no corrective releases are generated for Java SE.
/Reports, release notes, official announcements.