Oracle April 2021 Critical Patch Update Addresses 257 CVEs...

Oracle April 2021 Critical Patch Update Addresses 257 CVEs including ‘Zerologon’ (CVE-2020-1472)

On April 20, Oracle released its Critical Patch Update (CPU) for April 2021, the second quarterly update of the year. This CPU update contains fixes for 257 CVEs in 390 security updates across 32 Oracle product families.

This quarter’s update includes fixes for 34 critical issues across 30 CVEs. Additionally, this release includes patches to address five CVEs, with the highest severity CVSSv3 score of 10.0. This includes the critical Zerologon vulnerability (CVE-2020-1472). These flaws could be exploited by unauthenticated, remote attackers and should be prioritized for patching.

For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

Oracle April 2021 Critical Patch Update Addresses 257 CVEs...

Recent Discussions

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

Microsoft Patch Tuesday 2025 Year in Review

Americas

Europe

Asia / Australia