{"id":267600,"date":"2026-06-02T19:35:00","date_gmt":"2026-06-02T23:35:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/02\/two-year-old-oracle-weblogic-server-vulnerability-is-being-exploited\/"},"modified":"2026-06-08T14:25:22","modified_gmt":"2026-06-08T18:25:22","slug":"two-year-old-oracle-weblogic-server-vulnerability-is-being-exploited","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/02\/two-year-old-oracle-weblogic-server-vulnerability-is-being-exploited\/","title":{"rendered":"Two-year old Oracle WebLogic Server vulnerability is being exploited"},"content":{"rendered":"<p><a href=\"https:\/\/www.csoonline.com\/article\/4180218\/two-year-old-oracle-weblogic-server-vulnerability-is-being-exploited.html\">Two-year old Oracle WebLogic Server vulnerability is being exploited<\/a><\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4180218\/two-year-old-oracle-weblogic-server-vulnerability-is-being-exploited.html\">https:\/\/www.csoonline.com\/article\/4180218\/two-year-old-oracle-weblogic-server-vulnerability-is-being-exploited.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-02 19:35:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.csoonline.com\">www.csoonline.com<\/a><\/p>\n<p>\u201cTo make the CISA KEV means that we\u2019re seeing active exploitations,\u201d agreed Tyler Reguly, Fortra\u2019s associate director of security R&#038;D. \u201cGiven that this CVE was patched by Oracle in the July 2024 Critical Patch Update (CPU), I would expect most admins to have patched this by now, particularly since it is a WebLogic vulnerability and, prior to the addition of this CVE, there were already a dozen WebLogic vulnerabilities listed in the KEV catalog.\u201d<\/p>\n<h2 class=\"wp-block-heading\" id=\"older-vulns-under-exploit\">Older vulns under exploit<\/h2>\n<p>Reguly also had an observation about how fast vulnerabilities are added to the KEV. Based on a cursory review, he figured only about 41% of CVEs in the list were added during the same year they were released. Looking at release year + 1, that goes up to about 58%. That still means that, surprisingly, more than 40% of the CVEs added to the CISA KEV catalog are added two or more years after they are released. \u201cI suppose it makes sense that it [the two-year-old Oracle hole] is just popping up now, if you consider that an organization that hasn\u2019t patched their systems in multiple years is likely an easier target than an organization that patches regularly. After all, regular patching probably implies a more security-conscious environment.\u201d<\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4180218\/two-year-old-oracle-weblogic-server-vulnerability-is-being-exploited.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Two-year old Oracle WebLogic Server vulnerability is being exploited https:\/\/www.csoonline.com\/article\/4180218\/two-year-old-oracle-weblogic-server-vulnerability-is-being-exploited.html Publish Date: 2026-06-02 19:35:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":267601,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.csoonline.com\/wp-content\/uploads\/2026\/06\/4180218-0-97916600-1780443294-shutterstock_2641258125.jpg?quality=50&strip=all&w=1024","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[31,27],"class_list":["post-267600","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/267600"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=267600"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/267600\/revisions"}],"predecessor-version":[{"id":267602,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/267600\/revisions\/267602"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/267601"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=267600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=267600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=267600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}