The U.S. Cybersecurity and Infrastructure Security Agency
(CISA) on Friday added a critical security flaw impacting Oracle
Identity Manager to its Known Exploited Vulnerabilities (KEV)
catalog, citing evidence of active exploitation. The vulnerability
in question is CVE-2025-61757 (CVSS score: 9.8), a case of missing
authentication for a critical function that can result in
pre-authenticated
Read more https://thehackernews.com/2025/11/cisa-warns-of-actively-exploited.html
