Oracle Security Patch Updates – 18 June 2026

Oracle released its critical patch updates for June 2026, containing 245 new security patches across multiple affected Oracle products and third-party components.

The addressed vulnerabilities could allow the attacker to conduct denial-of-service attacks, obtain sensitive information, manipulate data, or gain access to the affected systems.

Sample of the addressed vulnerabilities:

1. Oracle Coherence Centralized Takeover Vulnerability (CVE-2026-35308):

  • CVSS: 10.0
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Consequences: Gain Access

2. Oracle Solaris Product of Oracle Systems Data Manipulation Vulnerability (CVE-2026-46978):

  • CVSS: 10.0
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Consequences: Data Manipulation
Vulnerabilities
Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Oracle Advisory – June 2026

References