Oracle’s Second Monthly Security Updates Deliver 245 Patches

Oracle has released its June 2026 Critical Security Patch Update to fix vulnerabilities in Communications, EBS, Enterprise Manager and other products. The post Oracle’s Second Monthly Security Updates Deliver 245 Patches appeared first on SecurityWeek .

SecurityWeek reports that Oracle’s June 2026 Critical Security Patch Update (CSPU) delivers 245 patches across products including Communications, E-Business Suite, and Enterprise Manager, as part of its new move to monthly CSPUs starting in May 2026.[1][5][8][9] This follows Oracle’s broader shift to more frequent, targeted updates to address high‑priority vulnerabilities more quickly in core enterprise platforms that many organizations – and their AI systems – depend on.[5][8] From a CyberSE.AI perspective, these patches directly affect the software and infrastructure in the AI supply chain: unpatched Oracle databases, middleware, and enterprise applications used to store training data, serve models, or orchestrate AI agents can expose those AI workloads to remote exploitation and data compromise. Organizations should treat Oracle CSPUs as part of their AI SBOM and patch governance, integrating them into an AI-focused vulnerability management process and continuously assessing whether AI pipelines, agents, and data flows depend on affected Oracle components.