In a shocking revelation that surprised absolutely no one, the Cybersecurity and Infrastructure Security Agency (CISA) has identified yet another zero-day vulnerability within Oracle Identity Manager. It turns out the software’s version of ‘identity management’ is akin to a coffee shop barista carelessly forgetting your name, over and over, while hackers help themselves to free lattes.

The vulnerability, humorously labeled CVE-2025-61757, boasts an impressive CVSS score of 9.8, which, for the uninitiated, is basically the cybersecurity equivalent of a commercial airliner giving free one-way tickets to hackers. CISA has graciously added it to their illustrious catalogue of Known Exploited Vulnerabilities, which is probably reaching bestseller status among cybercriminals worldwide.

One could say Oracle’s approach to security is as solid as a teetering Jenga tower at this point. With missing authentication checks akin to leaving your front door wide open with a neon sign saying ‘Valuables Inside,’ customers are encouraged to refresh their passwords while Oracle refreshes their excuses.