PatchSiren cyber security CVE debrief
CVE-2026-46787 Oracle Corporation CVE debrief
CVE-2026-46787 is a difficult-to-exploit vulnerability in Oracle WebCenter Content, a product of Oracle Fusion Middleware. The vulnerability is in the Content Server component. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). The vulnerability allows unauthenticated attackers with network access via HTTP to compromise the system. The CVSS 3.1 Base Score is 8.0, indicating high severity, with Confidentiality and Integrity impacts. The CVSS Vector is (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N). Administrators and security teams should prioritize patching this vulnerability to prevent potential data breaches.
- Vendor
- Oracle Corporation
- Product
- Oracle WebCenter Content
- CVSS
- HIGH 8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-17
- Original CVE updated
- 2026-06-19
- Advisory published
- 2026-06-17
- Advisory updated
- 2026-06-19
Who should care
Administrators and security teams responsible for Oracle WebCenter Content installations should prioritize patching this vulnerability to prevent potential data breaches. This includes teams managing Oracle Fusion Middleware and those responsible for ensuring the security of content management systems. The high CVSS score and potential impact on data confidentiality and integrity necessitate prompt attention.
Technical summary
CVE-2026-46787 is a difficult-to-exploit vulnerability in Oracle WebCenter Content, allowing unauthenticated attackers with network access via HTTP to compromise the system. Successful attacks require human interaction and can result in unauthorized creation, deletion, or modification of critical data, as well as unauthorized access to sensitive information. The vulnerability has a CVSS score of 8.0, indicating high severity. The vulnerability affects Oracle WebCenter Content version 14.1.2.0.0. There is no information on known exploits or attacks.
Defensive priority
High priority should be given to patching this vulnerability due to its high CVSS score of 8.0 and potential impact on data confidentiality and integrity.
Recommended defensive actions
- Apply the latest security patches provided by Oracle Corporation
- Implement compensating controls, such as monitoring and exception tracking
- Conduct thorough inventory checks to identify affected systems
- Restrict network access to Oracle WebCenter Content
- Monitor for suspicious activity and implement incident response plans
- Review and update security configurations to prevent exploitation
- Perform regular security audits to detect potential vulnerabilities
Evidence notes
The CVE record and NVD entry provide limited information about the vulnerability. Further investigation and verification are necessary to fully understand the scope and impact of this vulnerability. The vulnerability affects Oracle WebCenter Content, specifically version 14.1.2.0.0. The CVSS score of 8.0 indicates high severity. There is no information on known exploits or attacks. Defenders should verify the affected product deployments and review official advisories for mitigation guidance.
Official resources
-
CVE-2026-46787 CVE record
CVE.org
-
CVE-2026-46787 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T10:53:56.290Z and has not been modified since then.