Q-Feeds logo

Products & Services

Solutions

Pricing

Company

About

Label with EU stars, 'Made in Europe' text.
~
Label with EU stars, 'Made in Europe' text.
~

Firewall integrations

9

Fortinet

Elevate the power of your Fortinet Fortigate Firewall using by adding our Intelligence.

9

Palo Alto

Palo Alto Firewalls can be hardened with our threat intelligence as well.

9

Sophos XGS

Enhance the Sophos XGS Firewall with our threat intelligence.

9

OPNsense

Enhance your OPNsense Firewall with our threat intelligence using the native plugin.

SIEM integrations

9

Splunk

Splunk is a great platform, but without the right Threat Intelligence it's just a log server. Try our threat intelligence today. 

9

Microsoft Sentinel

One of the most used SIEM solutions should be enriched with the right Intelligence. At Q-Feeds you're at the right place!

9

Other

Luckily there are many other SIEM vendors whom support 3rd party threat intelligence.

Threat Intelligence Portal

9

Darkweb Monitoring

Darkweb monitoring is one of our services, not only for threat intelligence but also for you most important assets.

9

Threat Lookup

With Threat Lookup you get full insights in our IOC database, including full MITRE ATT&K mapping.

9

External Attack Surface Management

A toolset to check your external facing assets exposed on the internet

9

Vulnerability Scanner

A comprehensive vulnerability scanner which can scan your infrastructure and web applications

9

Brand Protection

Protect your brand for look-a-likes and potential phishing attempts

Services

9

TAXII Feeds & Server Software

TAXII/STIX2.1 standard. Both in form of feeds and server software available

9

Implementation

Need help with implementations? No worries, we have a strong network of partners who are able to help you.

Solutions

9

Enrich my SIEM

Elevate the power of your SIEM solution using by adding our Intelligence.

9

Enrich my Firewall

Firewalls can be hardened with our threat intelligence as well.

9

Prevent phishing

Enhance your protection against phishing

9

Achieve compliancy

Achieve compliancy by correlating the best threat intelligence to your logs

Futuristic eye design with circuits and geometric shapes.

Company

9

About

Read here all about Q-Feeds

9

News and Updates

Cybersecurity news and updates about us

9

Publications

All of our media coverage in one place

9

Become a reseller

Strengthen your portfolio with our comprehensive reseller program

9

Partner locator

Find our certified partners here

9

Contact

For all your questions or inquiries

Neural network representation of a human brain

Support

9

My Account

Access your account and manage your licenses

9

Downloads & Manuals

On this page you find white papers and manuals

9

Knowledge base

Our knowledge base full of implementation instructions

9

Start for free

Start your cyber security intelligence journey here

Abstract geometric wireframe human head

Unpacking the risks: Exploring CVE-2026-21992’s remote code execution vulnerability in Oracle Identity Manager

Mar 30, 2026 | Threat Intelligence Research

Critical Remote Code Execution Vulnerability in Oracle Identity Manager and Web Services Manager

Organizations using Oracle Identity Manager and Oracle Web Services Manager should be aware of a critical vulnerability, designated as CVE-2026-21992, which allows unauthenticated remote code execution. This flaw has a CVSS score of 9.8, indicating a high severity, warranting urgent attention for patching or mitigation to reduce risk.

The vulnerability arises from inadequate authentication checks within both products. Specifically, it exists in the REST Web Services component of Oracle Identity Manager and the Web Services Security module of Oracle Web Services Manager. Attackers can exploit this flaw to run arbitrary code on affected systems without needing valid credentials, thus posing a significant threat to overall system integrity.

Successful exploitation of CVE-2026-21992 can lead to severe repercussions, such as complete control of the compromised system, deployment of harmful software, data exfiltration, and lateral movement within the network to target additional systems. Organizations should be particularly vigilant if they are operating the affected versions: Oracle Identity Manager versions 12.2.1.4.0 and 14.1.2.1.0, and Oracle Web Services Manager versions 12.2.1.4.0 and 14.1.2.1.0.

Defensive Context
Organizations utilizing Oracle’s identity and access management solutions must be aware of exploitation risks associated with this vulnerability. Those operating the designated versions are at the highest risk and should act swiftly to implement recommended updates. In contrast, organizations not using these products may not be directly affected but should remain informed about potential cross-application vulnerabilities that could arise from similar flaws in other systems.

Why This Matters
The risk posed by this vulnerability is particularly critical for entities with public-facing applications that rely on Oracle products for identity management. Failure to address this vulnerability could lead to extensive compromises within affected organizations, resulting in data breaches and other malicious activities.

Defender Considerations
Immediate action is required to patch affected systems as per Oracle’s security advisory. Organizations must ensure that their installations are running supported versions of Oracle Identity Manager and Oracle Web Services Manager and must adhere to best practices in patch management to protect against known vulnerabilities.

Indicators of Compromise (IOCs)

  • CVE-2026-21992: This specific identifier should be monitored for tracking and incident response efforts.
  • Affected Products: Oracle Identity Manager versions 12.2.1.4.0 and 14.1.2.1.0, Oracle Web Services Manager versions 12.2.1.4.0 and 14.1.2.1.0.

Click here for the full article

Try our Intelligence today!

Streamline your security operations with a free Q-Feeds trial and see the difference.

Activate free access

Other articles