CVE-2026-46784
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk34th percentile — higher than 34% of all known CVEs
Summary
Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise the system. The attacker can gain unauthorized access to critical data and has the ability to create, delete, or modify data.
Risk Assessment
The risk to the organization includes the potential for unauthorized access to sensitive data and its modification, which could lead to serious security breaches and loss of data integrity.
Recommendation
It is recommended to immediately update the software to the latest version to mitigate the risks associated with this vulnerability and implement additional security measures.
Original NVD description (English source)
Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content: Imaging. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all WebCenter Content: Imaging accessible data as well as unauthorized access to critical data or complete access to all WebCenter Content: Imaging accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).

