Oracle Java SE Libraries Vulnerability Allowing Unauthorized Data Access

Vulnerability

A vulnerability has been identified in Oracle Java SE version 25.0.1, specifically within the Libraries component. This vulnerability, which is difficult to exploit, allows an unauthenticated attacker with network access to compromise Java SE. Successful exploitation could lead to unauthorized update, insert, or delete access to some data accessible by Java SE. The issue arises in Java deployments that run untrusted code from the internet, such as sandboxed Java Web Start applications or applets, and rely on the Java sandbox for security. It does not affect server deployments that only run trusted code.

Impact

Exploitation of this vulnerability could result in unauthorized modifications or deletions of data accessible to Oracle Java SE.

Added: Apr 21, 2026, 11:32 PM
Updated: Apr 21, 2026, 11:32 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.8
exploitability: 4.7
remediation: 0.0
relevance: 6.4
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.