Simply behind ZDLRA in patch quantity are Oracle Enterprise Supervisor, with 51 patches, 47 of which might be remotely exploited with out authentication, and Oracle E-Enterprise Suite, with 38 patches, 33 of that are remotely exploitable.
Regardless of Oracle’s complete patching cycle, the corporate’s method to security has not all the time been efficient. In 2025, a risk actor claimed to have stolen six million information from a weak Oracle server, a declare the corporate repeatedly denied.
Safety firm CloudSEK later recognized the vulnerability that led to the alleged hack as being CVE-2021-35587, an previous problem that ought to have been patched. Presumably coincidentally, in August it was introduced that long-serving chief security officer Mary Ann Davidson was leaving the corporate.
