By Ionut Arghire
Publication Date: 2026-06-02 07:20:00
Oracle has unveiled its monthly Critical Security Patch Update (CSPU) with patches for 77 vulnerabilities, including a dozen critical severity vulnerabilities.
Announced at the beginning of May the monthly rollouts are intended to complement quarterly Critical Patch Update (CPU) fixes and resolve high-priority issues more quickly.
The first CSPU landed at the end of May and another will follow in mid-June. A quarterly CPU will be released in July, with two more CSPUs scheduled for August 18th and September 15th.
The May 2026 CSPU Addresses security flaws in five Oracle products, namely Database Server, REST Data Services, Communications, E-Business Suite and Hospitality Applications.
The E-Business Suite received 12 new security patches, including three for vulnerabilities that can be exploited remotely and without authentication.
Oracle announced 11 new security patches for REST Data Services, including seven for flaws that can be exploited remotely by unauthenticated attackers. The corrections…
