CVE-2026-34286 is a critical vulnerability in the Core component of Oracle Identity Manager Connector, part of Oracle Fusion Middleware. The affected supported version is 12.2.1.4.0. The flaw is remotely exploitable over HTTPS by an unauthenticated attacker and requires no user interaction. Successful exploitation allows compromise of the connector’s accessible identity data, including unauthorized creation, deletion, or modification of critical data, as well as unauthorized access to critical data or complete access to all data accessible through Oracle Identity Manager Connector. Oracle has not publicly disclosed the precise root cause, but the attack profile and impact are consistent with missing or improperly enforced authentication on exposed Core functionality.
Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.
What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.
What an attacker gets, and what they’ve been doing with it.
If you can’t patch tonight, do this now.
Patch, then assume compromise.
No public exploits tracked yet. Mallory keeps watching.
No public exploit code observed for this vulnerability.
Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.
Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.
9 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
A critical vulnerability patched in Oracle Fusion Middleware that can lead to remote code execution.
A critical unauthenticated network-accessible vulnerability in Oracle Identity Manager Connector (Oracle Fusion Middleware, Core component) affecting version 12.2.1.4.0, allowing compromise of the product and unauthorized access to or modification of critical data.
A critical unauthenticated network-exploitable vulnerability in the Core component of Oracle Identity Manager Connector that allows a remote attacker over HTTPS to read and manipulate identity data accessible by the connector.
A related vulnerability in the Core component of Oracle Identity Manager Connector 12.2.1.4.0 over HTTPS, patched in Oracle's April 2026 Critical Patch Update.
Query your assets running an affected version, and investigate the blast radius.
Every observed campaign linking this CVE to a named adversary.
Malware families riding this exploit, with evidence and IOCs.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Cross-references every affected SKU, including bundled OEM variants.
Community discussion across Reddit, Mastodon, and other social sources.