Oracle GraalVM for JDK Compiler Component Vulnerability Allowing Unauthorized Data Access

Vulnerability

A vulnerability has been identified in the Oracle GraalVM for JDK product of Oracle Java SE, specifically in the Compiler component. This issue affects Oracle GraalVM for JDK versions 17.0.16 and 21.0.8. The vulnerability, which is difficult to exploit, allows an unauthenticated attacker with network access through multiple protocols to compromise Oracle GraalVM for JDK. Successful exploitation of this vulnerability could lead to unauthorized read access to certain data within Oracle GraalVM for JDK.

Impact

Exploitation of this vulnerability could result in unauthorized read access to a subset of data accessible within Oracle GraalVM for JDK.

Added: Oct 21, 2025, 9:16 PM
Updated: Oct 21, 2025, 9:16 PM

Vulnerability Rating

Custom Algorithm

spread: 2.4
impact: 0.6
exploitability: 4.7
remediation: 0.0
relevance: 0.8
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.