Oracle Issues Patch for 378 Vulnerabilities in Major Security Rollout

Oracle Corporation has released a sweeping Critical Patch Update (CPU) for April 2025, addressing a staggering 378 security vulnerabilities across a wide array of its product families.

The rollout underscores Oracle’s continued commitment to proactive cybersecurity and comes amid ongoing reports of malicious exploits targeting unpatched systems worldwide.

This massive update, delivered under Oracle’s regular Critical Patch Update program, includes patches for vulnerabilities found in Oracle’s proprietary code as well as third-party components integrated within Oracle products.

Each vulnerability has been carefully assessed and assigned a Common Vulnerabilities and Exposures (CVE) identifier, with severity ratings determined using the latest CVSS version 3.1 standards.

While the update is cumulative in nature, Oracle highlights only the newly addressed issues in each advisory, encouraging users to review historical advisories for previously remedied vulnerabilities.

The detailed risk matrices provided in this update allow organizations to assess the potential impact based ...