PatchSiren cyber security CVE debrief
CVE-2026-46788 Oracle Corporation CVE debrief
A high-severity vulnerability was found in Oracle WebCenter Content, a product of Oracle Fusion Middleware. The vulnerability, tracked as CVE-2026-46788, has a CVSS score of 8.4 and can be easily exploited by high-privileged attackers with network access via HTTP. Successful attacks require human interaction from a person other than the attacker and can result in the takeover of Oracle WebCenter Content. The vulnerability is in the Content Server component and affects version 14.1.2.0.0.
- Vendor
- Oracle Corporation
- Product
- Oracle WebCenter Content
- CVSS
- HIGH 8.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-17
- Original CVE updated
- 2026-06-19
- Advisory published
- 2026-06-17
- Advisory updated
- 2026-06-19
Who should care
Security teams and administrators responsible for Oracle WebCenter Content should prioritize patching this vulnerability. The high CVSS score and potential for significant impact on additional products make it crucial to address.
Technical summary
CVE-2026-46788 is a vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware, specifically in the Content Server component. The vulnerability has a CVSS 3.1 Base Score of 8.4, indicating high impacts on Confidentiality, Integrity, and Availability. The CVSS Vector is CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H. The supported version affected is 14.1.2.0.0. Easily exploitable, the vulnerability allows high-privileged attackers with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and can result in the takeover of Oracle WebCenter Content. The vulnerability is in the Content Server component.
Defensive priority
High
Recommended defensive actions
- Apply the patch from Oracle as soon as possible
- Restrict access to Oracle WebCenter Content to only necessary personnel
- Monitor for suspicious activity around Oracle WebCenter Content
- Implement additional security controls to prevent exploitation
- Review and update incident response plans to address potential impacts
Evidence notes
The CVE record was published on 2026-06-17T10:53:56.393Z and was last modified on 2026-06-19T06:17:08.523Z. The NVD entry is currently Analyzed. The vulnerability is in the Content Server component of Oracle WebCenter Content version 14.1.2.0.0.
Official resources
-
CVE-2026-46788 CVE record
CVE.org
-
CVE-2026-46788 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T10:53:56.393Z and has not been modified since then. The NVD entry is currently Analyzed.