As if April 15th doesn't bring enough joy to those of us in the US (Hint: it's tax day!), Oracle is scheduling its release of its next Critical Patch Update on the same day as most of us will be making a frantic late-day trip to the post office.
From the bulletin on OTN:
This Critical Patch Update contains 17 new security fixes for the Oracle Database including 2 for Oracle Application Express. Two of these vulnerabilities may be remotely exploited without authentication, i.e. may be exploited over a network without the need for a username and password.
While somewhat vague, it does seem that there are a couple of APEX-related issues that will be addressed. We'll just have to wait and see what they are specifically...