CVE-2026-35253

Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported versions that is affected is v0.22.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Macaron Tool. Successful attacks of this vulnerabili...

medium 4.7 CVSS 3.1

Published: May 6, 2026

Modified: May 6, 2026

Vendor: Oracle

Product: Macoron

Versions: 0.22.0

Description

Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported versions that is affected is v0.22.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Macaron Tool. Successful attacks of this vulnerability can result in Oracle Macaron Tool failing host address validation.

References

https://www.oracle.com/security-alerts/all-oracle-cves-outside-other-oracle-public-documents.html

Related CVEs

CVSS Breakdown

Version	3.1
Score	4.7 / 10
Severity	medium

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

Weakness (CWE)

CWE-601

Affected Product

Vendor	Oracle
Product	Macoron
Versions	0.22.0