Oracle is introducing a new monthly release cadence to help customers address critical security vulnerabilities more quickly and reduce exposure risk.
Beginning May 28, 2026, Oracle will deliver a Critical Security Patch Update (CSPU) each month. CSPUs are designed to provide targeted, high-priority security fixes in a smaller, more focused format, making them easier to apply with minimal disruption.
Following the initial May release, CSPUs are planned to be delivered on an ongoing monthly cadence, aligned with the third Tuesday of each month, consistent with Oracle’s established security release model.
This new approach complements Oracle’s existing quarterly Critical Patch Updates (CPUs), which will continue as cumulative releases. CSPUs enable customers to take action on targeted fixes for critical vulnerabilities sooner, without waiting for the next quarterly cycle.
The next four dates for security releases are:
28 May 2026 (CSPU)
16 June 2026 (CSPU)
21 July 2026 (CPU)
18 August 2026 (CSPU)
What this means for you:
• Faster access to critical security fixes
• Smaller, more targeted updates
• Reduced risk and simplified patching for customer-managed environments
Oracle remains committed to helping customers maintain a strong security posture by delivering timely, high-quality security updates.
For more about this initiative and Oracle’s approach to accelerating vulnerability detection and response, please review the Security Blog references below:
Oracle is introducing a new monthly release cadence to help customers address critical security vulnerabilities more quickly and reduce exposure risk.
Beginning May 28, 2026, Oracle will deliver a Critical Security Patch Update (CSPU) each month. CSPUs are designed to provide targeted, high-priority security fixes in a smaller, more focused format, making them easier to apply with minimal disruption.
Following the initial May release, CSPUs are planned to be delivered on an ongoing monthly cadence, aligned with the third Tuesday of each month, consistent with Oracle’s established security release model.
This new approach complements Oracle’s existing quarterly Critical Patch Updates (CPUs), which will continue as cumulative releases. CSPUs enable customers to take action on targeted fixes for critical vulnerabilities sooner, without waiting for the next quarterly cycle.
The next four dates for security releases are:
28 May 2026 (CSPU)
16 June 2026 (CSPU)
21 July 2026 (CPU)
18 August 2026 (CSPU)
What this means for you:
• Faster access to critical security fixes
• Smaller, more targeted updates
• Reduced risk and simplified patching for customer-managed environments
Oracle remains committed to helping customers maintain a strong security posture by delivering timely, high-quality security updates.
For more about this initiative and Oracle’s approach to accelerating vulnerability detection and response, please review the Security Blog references below:
You are receiving this communication as you are the designated support contact and may not unsubscribe from receiving Oracle Critical Patch Updates, System and Contract communications. If you are no longer a customer, click here to update your status.
你脸比较黑