May 2026 Critical Security Patch Update Released

May 28, 2026 1 minute read

Oracle today released the May 2026 Critical Security Patch Update.

This Critical Security Patch Update provides security updates for a wide range of product families: Oracle Database Server, Oracle REST Data Services, Oracle Communications, Oracle E-Business Suite, Oracle Hospitality Applications.

For more information about the May 2026 Critical Security Patch Update, customers should refer to the Critical Security Patch Update advisory located at https://www.oracle.com/security-alerts/cspumay2026.html and the executive summary published on My Oracle Support (Doc ID CPU155) .

For more information about the Critical Security Patch Update program, see the security vulnerability remediation practices page located on the Oracle Trust Center.

Integrated Cyber Center (ICC)

Oracle’s Integrated Cyber Center (ICC) serves as the enterprise hub for orchestrating Oracle’s global incident response, customer trust, and strategic security communications. By unifying people, processes, and intelligence across the organization, the ICC ensures Oracle operates as one enterprise with one voice—protecting customers, strengthening transparency, and driving continuous evolution of our collective security posture.

May 2026 Critical Security Patch Update Released

Authors

Integrated Cyber Center (ICC)

Update: Monthly Critical Security Patch Updates (CSPUs) Begin May 28, 2026