CVE-2015-2590
ENISA EUVD: EUVD-2015-2682 ↗
Exploited in the Wild
✓ Confirmed 0-Day
★ Google Project Zero
Triaged: March 5, 2026
1 article
Published: 2015-07-16
EPSS Score
Source: FIRST.org · 2026-05-23
66.62%
probability
This CVE has a 66.62% probability
of being exploited in the next 30 days.
0%
Top 98.6th percentile of all CVEs
100%
CVSS v3.1
Source: VulnerabilityLookup (CIRCL)9.8
CRITICAL
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2 (legacy)
10.0
HIGH
Access Vector
Network
Access Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
AV:N/AC:L/Au:N/C:C/I:C/A:C
Description
VulnerabilityLookup (CNA)Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
Affected Products
n/a
n/a
Google Project Zero
Patched
July 14, 2015
Reported by
Trend Micro
Root Cause Analysis
???
http://rhn.redhat.com/errata/RHSA-2015-1243.html
vendor-advisory
x_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
x_refsource_CONFIRM
http://www.securityfocus.com/bid/75818
vdb-entry
x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2015-1229.html
vendor-advisory
x_refsource_REDHAT
http://www.securitytracker.com/id/1032910
vdb-entry
x_refsource_SECTRACK
http://www.ubuntu.com/usn/USN-2706-1
vendor-advisory
x_refsource_UBUNTU
Signal Intelligence
Confidence
95%
EPSS
66.62%
CVSS v3.1
9.8
Mentions
1
Last Seen
Jul 14, 2015
CNA Information
CNA Assigner
oracle
Analyst Note
Auto-imported from Google Project Zero — confirmed zero-day by definition.
Triage Info
Decided atMar 05, 2026
Published DateJul 16, 2015