{"id":"CVE-2026-21945","aliases":["BIT-java-2026-21945","BIT-java-min-2026-21945","BIT-jre-2026-21945"],"modified":"2026-05-18T05:58:31.490844224Z","published":"2026-01-20T21:56:27.997Z","related":["ALSA-2026:0927","ALSA-2026:0928","ALSA-2026:0932","ALSA-2026:0933","CGA-rw54-w7vj-g9m9","SUSE-SU-2026:0341-1","SUSE-SU-2026:0342-1","SUSE-SU-2026:0363-1","SUSE-SU-2026:0382-1","SUSE-SU-2026:0389-1","SUSE-SU-2026:0390-1","SUSE-SU-2026:0414-1","SUSE-SU-2026:0415-1","SUSE-SU-2026:0441-1","SUSE-SU-2026:0504-1","SUSE-SU-2026:20190-1","SUSE-SU-2026:20199-1","SUSE-SU-2026:20215-1","openSUSE-SU-2026:10091-1","openSUSE-SU-2026:10092-1","openSUSE-SU-2026:10093-1","openSUSE-SU-2026:10108-1","openSUSE-SU-2026:10136-1","openSUSE-SU-2026:20126-1","openSUSE-SU-2026:20134-1","openSUSE-SU-2026:20143-1"],"database_specific":{"cna_assigner":"oracle","unresolved_ranges":[{"source":"AFFECTED_FIELD","extracted_events":[{"last_affected":"8u471"},{"last_affected":"8u471-b50"},{"last_affected":"8u471-perf"},{"last_affected":"11.0.29"},{"last_affected":"17.0.17"},{"last_affected":"21.0.9"},{"last_affected":"25.0.1"},{"last_affected":"17.0.17"},{"last_affected":"21.0.9"},{"last_affected":"21.3.16"}]},{"source":"CPE_FIELD","extracted_events":[{"introduced":"8u471"},{"last_affected":"b50"}]}],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/21xxx/CVE-2026-21945.json"},"references":[{"type":"WEB","url":"https://cert-portal.siemens.com/productcert/html/ssa-032379.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/21xxx/CVE-2026-21945.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21945"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpujan2026.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/graalvm/graalvm-ce-builds","events":[{"introduced":"0"},{"last_affected":"5f0c2ee78ad738f96c63762c8464184ee63047ee"}],"database_specific":{"source":"CPE_FIELD","cpe":["cpe:2.3:a:oracle:jdk:25.0.1:*:*:*:*:*:*:*","cpe:2.3:a:oracle:jre:25.0.1:*:*:*:*:*:*:*"],"extracted_events":[{"introduced":"0"},{"last_affected":"25.0.1"}]}}],"versions":["jdk-25.0.2","jdk-25.0.1","jdk-25.0.0","jdk-24.0.2","jdk-24.0.1","jdk-24.0.0","jdk-23.0.2","jdk-23.0.1","jdk-23.0.0","jdk-22.0.2","jdk-22.0.1","jdk-22.0.0","jdk-21.0.2","jdk-21.0.1","jdk-21.0.0","jdk-17.0.9","graal-23.0.2","jdk-20.0.2","jdk-17.0.8","graal-23.0.1","vm-ce-22.3.3","vm-22.3.3","jdk-20.0.1","jdk-17.0.7","graal-23.0.0","vm-22.3.2","vm-22.3.1","vm-22.3.0","vm-22.2.0","vm-21.3.3.1","vm-21.3.3","vm-22.1.0","vm-21.3.2","vm-20.3.6","vm-22.0.0.2","vm-21.3.1","vm-20.3.5","vm-ce-21.2.0","vm-20.0.0","vm-19.3.1","vm-19.3.0.2","vm-19.3.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-21945.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}