PatchSiren cyber security CVE debrief
CVE-2026-46926 Oracle Corporation CVE debrief
A vulnerability was discovered in Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). The affected versions are 17.0-26.5. This easily exploitable vulnerability allows a low-privileged attacker with logon to the infrastructure where Siebel CRM Cloud Applications executes to compromise Siebel CRM Cloud Applications. While the vulnerability is in Siebel CRM Cloud Applications, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. Organizations should prioritize patching this vulnerability.
- Vendor
- Oracle Corporation
- Product
- Siebel CRM Cloud Applications
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-17
- Original CVE updated
- 2026-06-18
- Advisory published
- 2026-06-17
- Advisory updated
- 2026-06-18
Who should care
Organizations using Siebel CRM Cloud Applications versions 17.0-26.5 should prioritize patching this vulnerability. A low-privileged attacker with logon access to the infrastructure can exploit this vulnerability, potentially leading to a takeover of Siebel CRM Cloud Applications. Operators, platform administrators, vulnerability management teams, and security teams should be aware of the potential impacts and take necessary actions.
Technical summary
The vulnerability has a CVSS 3.1 Base Score of 8.8, indicating a high severity. The CVSS Vector is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), showing that the vulnerability allows for high impacts on Confidentiality, Integrity, and Availability. The vulnerability is in the Siebel Cloud Manager component of Siebel CRM Cloud Applications. Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications.
Defensive priority
High
Recommended defensive actions
- Apply the patch from Oracle as soon as possible
- Review and limit logon access to the infrastructure where Siebel CRM Cloud Applications executes
- Monitor for suspicious activity related to Siebel CRM Cloud Applications
- Consider implementing compensating controls to mitigate potential impacts
- Inventory and verify the versions of Siebel CRM Cloud Applications in use
- Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance
- Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed
Evidence notes
The CVE record was published on 2026-06-17T10:54:10.177Z and was last modified on 2026-06-18T22:24:49.060Z. The NVD entry is currently Analyzed. This information is based on the NVD entry and the CVE record. The vulnerability affects Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager).
Official resources
-
CVE-2026-46926 CVE record
CVE.org
-
CVE-2026-46926 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T10:54:10.177Z and has not been modified since then. The NVD entry is currently Analyzed.