April 2026 Critical Patch Update Released

April 21, 2026 1 minute read

Oracle today released the April 2026 Critical Patch Update.

This Critical Patch Update provides security updates for a wide range of product families: Oracle Database Server, Oracle Adapter for Eclipse RDF4J, Oracle Autonomous Health Framework, Oracle Blockchain Platform, Oracle GoldenGate, Oracle REST Data Services, Oracle TimesTen In-Memory Database, Oracle Commerce, Oracle Communications, Oracle Construction and Engineering, Oracle E-Business Suite, Oracle Enterprise Manager, Oracle Financial Services Applications, Oracle Fusion Middleware, Oracle Analytics, Oracle Life Science Applications, Oracle Hospitality Applications, Oracle Hyperion, Oracle Java SE, Oracle JD Edwards, Oracle MySQL, Oracle PeopleSoft, Oracle Retail Applications, Oracle Siebel CRM, Oracle Supply Chain, Oracle Systems, Oracle Utilities Applications, Oracle Virtualization.

For more information about the April 2026 Critical Patch Update, customers should refer to the Critical Patch Update advisory located at https://www.oracle.com/security-alerts/cpuapr2026.html and the executive summary published on My Oracle Support (Doc ID CPU56) .

For more information about the Critical Patch Update program, see the security vulnerability remediation practices page located on the Oracle Trust Center.

Integrated Cyber Center (ICC)

Oracle’s Integrated Cyber Center (ICC) serves as the enterprise hub for orchestrating Oracle’s global incident response, customer trust, and strategic security communications. By unifying people, processes, and intelligence across the organization, the ICC ensures Oracle operates as one enterprise with one voice—protecting customers, strengthening transparency, and driving continuous evolution of our collective security posture.

April 2026 Critical Patch Update Released

Authors

Integrated Cyber Center (ICC)

Security Alert CVE-2026-21992 Released