
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

  • November 21, 2025

Jasper_The_Rasper
Moderator

CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager.

 

November 21, 2025 By Eduard Kovacs

 


A recently patched Oracle Identity Manager vulnerability may have been exploited as a zero-day.

The vulnerability, tracked as CVE-2025-61757, was disclosed on Thursday by Searchlight Cyber, whose researchers discovered the issue and reported it to Oracle.

The security firm described it as a critical pre-authentication remote code execution vulnerability in Oracle Identity Manager. The exploit, which chains an authentication bypass weakness and arbitrary code execution, can allow an attacker to achieve full system compromise. 

Oracle fixed CVE-2025-61757 with its October 2025 patches and confirmed that it’s a critical issue that can be easily exploited without authentication. 

 
