## https://sploitus.com/exploit?id=SAINT:A492FCCCC7F135B8256835462B220AA5
Added: 01/23/2026
### Background
Oracle HTTP Server is the web server component for Oracle Fusion Middleware.
### Problem
A vulnerability in Oracle HTTP Server and Weblogic Proxy Plug-in could allow a remote attacker to execute arbitrary commands by requesting a specially crafted path which allows execution of commands injected into certain headers.
### Resolution
Apply the Oracle Critical Patch Update for January 2026.
### References
https://www.oracle.com/security-alerts/cpujan2026.html#AppendixFMW
### Platforms
Windows
Linux