As AI rapidly transforms the cybersecurity landscape, it is also lowering the barriers for attackers to discover and exploit software vulnerabilities and increasing the speed and scale of attacks.
In response, Oracle strongly recommends that customers run actively supported versions and stay current with the latest Critical Patch Updates. For Oracle Fusion Middleware deployments, including those using Oracle WebLogic Server and Oracle Coherence, actively supported releases are 12.2.1.4 and 14.1.2. For customers running Oracle WebLogic Server and Oracle Coherence independently, actively supported releases are 14.1.1 and 15.1.1.
Just as importantly, organizations should always apply the latest CPU on schedule, maintain rigorous security best practices, and keep middleware estates current over time. As of today, May 1, 2026, the latest CPU is the April 2026 CPU. Customers should use the resources below to identify and download the latest applicable Fusion Middleware patches from My Oracle Support:
Oracle provides resources including My Oracle Support and Customer Success Services to help customers plan, test, and execute upgrades and stay current.
Customers should also review Oracle’s recent security announcement, Accelerating Vulnerability Detection and Response at Oracle. In that post, Oracle announced that beginning in May 2026 it is expanding patch delivery for customer-managed environments with a monthly Critical Security Patch Update (CSPU) program, while quarterly CPUs continue. Customers should prepare their patching, testing, and change management processes for this faster security update cadence.