On Tuesday, January 21, Oracle released their quarterly Critical Patch Update. The release addresses more than 300 vulnerabilities across Oracle’s product and service lines. Among the vulnerabilities fixed in the release are 10 critical flaws, including a vulnerability in the Oracle Agile Product Lifecycle Management (PLM) Framework that is easily exploitable by an attacker with low privileges, and several that were disclosed more than a year ago. Ref https://www.oracle.com/security-alerts/cpujan2025.html
