Oracle Releases April 2026 Critical Patch Update Advisory

Scheduled advisory includes 481 security updates across multiple Oracle product families

Threat ID:: CC-4773
Threat Severity:: Medium
Published:: 22 April 2026 1:16 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled advisory includes 481 security updates across multiple Oracle product families

Affected platforms

The following platforms are known to be affected:

Oracle Middleware

Oracle E-Business Suite

Oracle Communications

The following platforms are also known to be affected:

23 other Oracle product families. Please see Oracle's Critical Patch Update Advisory - April 2026 guide for full details.

Threat details

Introduction

Oracle has released the Critical Patch Update Advisory for April 2026 to address 481 vulnerabilities across 28 product families. Of these, 139 vulnerabilities affect Oracle Communications, 93 of which are remotely exploitable without authentication. Oracle Fusion Middleware accounts for a further 46 remotely exploitable vulnerabilities that do not require authentication. Additionally, Oracle E‑Business Suite is impacted by 18 vulnerabilities, 8 of which are remotely exploitable without authentication.

Remediation advice

Affected organisations are encouraged to review Oracle Critical Patch Update Advisory - April 2026 and apply the relevant updates as soon as possible.

Definitive source of threat updates

https://www.oracle.com/security-alerts/cpuapr2026.html

Last edited: 22 April 2026 1:16 pm