PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46777 Oracle Corporation CVE debrief

A critical vulnerability was discovered in Oracle WebCenter Content, a product of Oracle Fusion Middleware. The vulnerability, tracked as CVE-2026-46777, affects versions 12.2.1.4.0 and 14.1.2.0.0. It allows unauthenticated attackers with network access via HTTP to compromise the system, potentially leading to unauthorized creation, deletion, or modification of critical data. This vulnerability has significant implications for organizations using the affected versions, as it could result in unauthorized access to sensitive information. The CVSS 3.1 Base Score is 9.1, indicating a critical severity level. Organizations should prioritize patching this vulnerability to prevent potential data breaches.

Vendor
Oracle Corporation
Product
Oracle WebCenter Content
CVSS
CRITICAL 9.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-17
Original CVE updated
2026-06-19
Advisory published
2026-06-17
Advisory updated
2026-06-19

Who should care

Organizations using Oracle WebCenter Content versions 12.2.1.4.0 and 14.1.2.0.0 should prioritize patching this vulnerability to prevent potential data breaches. This includes operators managing these systems, platform administrators, vulnerability management teams, and security teams responsible for ensuring the security and integrity of sensitive information.

Technical summary

The vulnerability, tracked as CVE-2026-46777, is a critical issue in Oracle WebCenter Content, a product of Oracle Fusion Middleware. It affects versions 12.2.1.4.0 and 14.1.2.0.0. The vulnerability has a CVSS 3.1 Base Score of 9.1, indicating a critical severity level. It is easily exploitable and allows unauthenticated attackers with network access via HTTP to compromise the system. Successful attacks can result in unauthorized creation, deletion, or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data. This could lead to significant data breaches if not addressed promptly.

Defensive priority

High

Recommended defensive actions

  • Apply the latest security patches provided by Oracle Corporation
  • Restrict network access to Oracle WebCenter Content
  • Monitor system logs for suspicious activity
  • Implement compensating controls, such as Web Application Firewalls
  • Conduct regular vulnerability assessments and penetration testing
  • Review and update incident response plans to address potential breaches
  • Verify the integrity of affected systems and data after patching

Evidence notes

The CVE record was published on 2026-06-17T10:53:55.260Z and last modified on 2026-06-19T06:17:08.127Z. The NVD entry is currently Analyzed. This information is based on the supplied source corpus and may not reflect the current state of the vulnerability. Defenders should verify the affected scope and severity with Oracle Corporation and review the official CVE record for CVE-2026-46777. Due to limited source detail, defenders should approach with caution and consider evidence limits.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T10:53:55.260Z and has not been modified since then. The NVD entry is currently Analyzed.