CISA warns of active exploitation of CVE-2024-21182 in Oracle WebLogic Server with low attack complexity and focus on data leakage; federal agencies must patch by June 4, 2026.
A two-year-old WebLogic vulnerability is listed on CISA’s catalog of actively exploited vulnerabilities, signaling attackers to target long-unpatched systems.