{"data":{"id":"f05cb6f0-fbb6-480f-a47d-f5f475416202","title":"CVE-2026-22016: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE","summary":"A serious vulnerability in Oracle Java SE and related products (JAXP component, which handles XML processing) allows attackers on the network to access sensitive data without needing to log in or interact with a user. The flaw affects multiple versions of Java and can be exploited through web services or untrusted code loaded in Java applications, with a CVSS score (0-10 severity rating) of 7.5 indicating high risk for data theft.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-22016","publishedAt":"2026-04-21T21:16:28.470Z","cveId":"CVE-2026-22016","cweIds":null,"cvssScore":"7.5","cvssSeverity":"high","severity":"high","attackType":["data_extraction"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-21T21:16:28.470Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.65,"researchCategory":null,"atlasIds":null}}