CVE Catalog

CVE-2026-46976

HighCVSS 7.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.45%

36th percentile — higher than 36% of all known CVEs

Summary

Vulnerability in the Oracle Public Sector Payroll product of Oracle E-Business Suite, affecting the component: Internal Operations. Versions 12.2.3-12.2.15 are susceptible to easily exploitable attacks that can lead to system takeover.

Risk Assessment

A high privileged attacker with network access via HTTP can easily compromise Oracle Public Sector Payroll, potentially leading to serious consequences for the organization.

Recommendation

It is recommended to update to the latest version of Oracle E-Business Suite to mitigate the risk associated with this vulnerability.

Original NVD description (English source)

Vulnerability in the Oracle Public Sector Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Public Sector Payroll. Successful attacks of this vulnerability can result in takeover of Oracle Public Sector Payroll. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS