By no[email protected] (Unknown) Oracle has released an out-of-band emergency software update to patch a newly discovered critical vulnerability in the WebLogic Server.

According to Oracle, the vulnerability—which can be identified as CVE-2019-2729 and has a CVSS score of 9.8 out of 10—is already being exploited in the wild by an unnamed group of attackers.

Oracle WebLogic is a Java-based multi-tier enterprise application

Via:: New Critical Oracle WebLogic Flaw Under Active Attack — Patch Now