PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46848 Oracle Corporation CVE debrief

A high-severity vulnerability was found in WebLogic Server, a product of Oracle Fusion Middleware. The vulnerability, tracked as CVE-2026-46848, affects versions 14.1.2.0.0 and 15.1.1.0.0. It allows a low-privileged attacker with logon to the infrastructure where WebLogic Server executes to compromise the server. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized creation, deletion, or modification access to critical data or all WebLogic Server accessible data, as well as unauthorized access to critical data or complete access to all WebLogic Server accessible data.

Vendor
Oracle Corporation
Product
WebLogic Server
CVSS
HIGH 7.9
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-17
Original CVE updated
2026-06-23
Advisory published
2026-06-17
Advisory updated
2026-06-23

Who should care

Administrators and users of WebLogic Server versions 14.1.2.0.0 and 15.1.1.0.0 should be aware of this vulnerability and take necessary precautions to prevent exploitation. This includes reviewing system configurations, ensuring proper access controls are in place, and monitoring for suspicious activity. Additionally, operators, platform administrators, vulnerability management teams, and security teams should assess their exposure and implement necessary mitigations.

Technical summary

The vulnerability has a CVSS 3.1 Base Score of 7.9, indicating a high severity. The CVSS Vector is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N). The vulnerability allows a low-privileged attacker with logon to the infrastructure where WebLogic Server executes to compromise the server. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized creation, deletion, or modification access to critical data or all WebLogic Server accessible data, as well as unauthorized access to critical data or complete access to all WebLogic Server accessible data.

Defensive priority

High

Recommended defensive actions

  • Apply patches or updates provided by Oracle Corporation
  • Restrict access to WebLogic Server to only necessary personnel
  • Monitor WebLogic Server for suspicious activity
  • Implement additional security measures, such as multi-factor authentication
  • Review system configurations to ensure proper access controls
  • Conduct vulnerability assessments to identify potential exposure
  • Track and document remediation efforts for auditing purposes

Evidence notes

The CVE record was published on 2026-06-17T10:54:02.383Z and was last modified on 2026-06-23T05:17:04.487Z. The NVD entry is currently Modified. Evidence is limited to public sources and may not reflect the full scope of affected systems or potential impacts. Defenders should verify system configurations, review logs for suspicious activity, and ensure that patches or updates are applied where possible.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T10:54:02.383Z and has not been modified since then. The NVD entry is currently Modified.