# CVE-2026-21962

> Critical unauthenticated remote code execution vulnerability (CVSS 10.0) in Oracle HTTP Server and WebLogic Server Proxy Plug-in. Attackers exploit path traversal sequences ('..;' notation) to reach internal ProxyServlet endpoints, enabling arbitrary OS command execution without authentication. Active exploitation observed within hours of public PoC release.

- **CVSS:** 9.8 (CRITICAL)
- **EPSS:** 0.0%
- **CWE:** CWE-284

Canonical: https://intel.threadlinqs.com/cve/CVE-2026-21962
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp