These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A vulnerability was found in PeopleSoft Enterprise CS Campus Community 9.2.38. This vulnerability allows high privileged attackers with network access via HTTPS to compromise PeopleSoft Enterprise CS Campus Community, potentially leading to unauthorized creation, deletion, or modification access to critical data or all PeopleSoft Enterprise CS Campus Community accessible data as well as unauthorized acces [truncated]
A critical vulnerability was identified in Oracle Solaris 11.4, specifically in the Remote Administration Daemon component. This vulnerability allows an unauthenticated attacker with network access via HTTPS to compromise Oracle Solaris, potentially impacting additional products. Successful attacks could result in unauthorized creation, deletion, or modification access to critical data or all Oracle Solar [truncated]
A low-severity vulnerability was found in Oracle VM VirtualBox 7.2.8, specifically in the VMSVGA device component. This issue allows high-privileged attackers with logon access to the infrastructure to compromise Oracle VM VirtualBox, potentially impacting additional products. Successful attacks can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. The vulnerability h [truncated]
A high-severity vulnerability was discovered in Oracle Public Sector Payroll, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46976, has a CVSS score of 7.2 and can be easily exploited by a high-privileged attacker with network access via HTTP, potentially leading to a takeover of the affected system. This vulnerability affects versions 12.2.3-12.2.15 of Oracle Public Sector [truncated]
A high-severity vulnerability was discovered in Oracle VM VirtualBox, affecting version 7.2.8. This vulnerability, tracked as CVE-2026-46974, has a CVSS score of 7.5 and can be exploited by a high-privileged attacker with logon access to the infrastructure where Oracle VM VirtualBox executes. Successful exploitation can lead to a takeover of Oracle VM VirtualBox. The vulnerability is difficult to exploit [truncated]
A vulnerability was discovered in Oracle Outsourced Mfg for Discrete Industries, a product of Oracle E-Business Suite. The vulnerability affects versions 12.2.3-12.2.15 and has a CVSS 3.1 Base Score of 8.8, indicating high severity. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise the product, potentially leading to a takeover. The vulnerability is located in t [truncated]
A vulnerability was discovered in Oracle Outsourced Mfg for Discrete Industries, a product of Oracle E-Business Suite. The vulnerability affects versions 12.2.3-12.2.15 and has a CVSS 3.1 Base Score of 8.8, indicating high severity. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise the product, potentially leading to a takeover. Organizations should review their [truncated]
A high-severity vulnerability was discovered in Oracle HR Intelligence, a component of Oracle E-Business Suite. This vulnerability, tracked as CVE-2026-46971, has a CVSS 3.1 Base Score of 7.5, indicating high impacts on confidentiality, integrity, and availability. The vulnerability affects versions 12.2.3 through 12.2.15 of Oracle HR Intelligence and can be exploited by a low-privileged attacker with net [truncated]
A high-severity vulnerability was found in Oracle HR Intelligence, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46970, has a CVSS score of 7.2 and can be easily exploited by high-privileged attackers with network access via HTTP, potentially leading to a takeover of Oracle HR Intelligence. This vulnerability affects Oracle HR Intelligence versions 12.2.3-12.2.15. Organiza [truncated]
A high-severity vulnerability was found in Oracle Public Sector Financials (International), affecting versions 12.2.3-12.2.15. This easily exploitable vulnerability allows a low-privileged attacker with network access via HTTP to compromise the system, potentially leading to a takeover. The vulnerability is located in the Authorization component and has a CVSS 3.1 Base Score of 8.8, indicating high impact [truncated]
A high-severity vulnerability was discovered in Oracle Universal Work Queue, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46966, has a CVSS score of 7.5 and can be exploited by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of the Oracle Universal Work Queue. This vulnerability is located in the Work Provider Site Level Administr [truncated]
A vulnerability exists in Oracle Universal Work Queue, a component of Oracle E-Business Suite. The affected versions are 12.2.3-12.2.15. This vulnerability allows a low-privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue, potentially leading to its takeover. The CVSS 3.1 Base Score is 8.8, indicating high severity with impacts on Confidentiality, Integrity, and Avail [truncated]
A critical vulnerability was discovered in Oracle Universal Work Queue, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46964, has a CVSS score of 9.9, indicating a high severity level. It affects versions 12.2.3-12.2.15 of Oracle Universal Work Queue and can be exploited by low-privileged attackers with network access via HTTP. The vulnerability allows attackers to compromi [truncated]
A critical vulnerability was discovered in Oracle Universal Work Queue, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46963, has a CVSS score of 9.9, indicating a high severity level. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue, potentially impacting additional products. The vulnerability is loca [truncated]
A vulnerability was discovered in Oracle Project Portfolio Analysis, a component of Oracle E-Business Suite. The vulnerability is rated as HIGH with a CVSS score of 8.8 and can be easily exploited by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of Oracle Project Portfolio Analysis. The vulnerability is located in the Internal Operations component and affects ve [truncated]
A high-severity vulnerability was found in Oracle Project Portfolio Analysis, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46960, has a CVSS score of 7.2 and can be easily exploited by high-privileged attackers with network access via HTTP, potentially leading to a takeover of the affected system. The vulnerability affects versions 12.2.3-12.2.15 of Oracle Project Portfol [truncated]
A high-severity vulnerability was discovered in Oracle Subledger Accounting, a component of Oracle E-Business Suite. This vulnerability, tracked as CVE-2026-46959, has a CVSS 3.1 Base Score of 7.5, indicating high impacts on confidentiality, integrity, and availability. The vulnerability affects versions 12.2.3 through 12.2.15 of Oracle Subledger Accounting and can be exploited by a low-privileged attacke [truncated]
A high-severity vulnerability was discovered in Oracle Subledger Accounting, a component of Oracle E-Business Suite. This vulnerability, tracked as CVE-2026-46958, has a CVSS 3.1 Base Score of 7.5, indicating high impacts on confidentiality, integrity, and availability. The vulnerability affects versions 12.2.3 through 12.2.15 of Oracle Subledger Accounting and can be exploited by a low-privileged attacke [truncated]
A high-severity vulnerability was discovered in Oracle iSupplier Portal, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46957, has a CVSS score of 7.5 and can be exploited by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of the Oracle iSupplier Portal. This vulnerability is located in the Internal Operations component and is diffi [truncated]
A high-severity vulnerability was discovered in Oracle Human Resources, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46955, has a CVSS score of 7.5 and allows unauthenticated attackers with network access via HTTP to compromise the system. Successful attacks require human interaction and can result in a takeover of Oracle Human Resources. The vulnerability affects version [truncated]
A vulnerability was found in Oracle Quality, a component of Oracle E-Business Suite. The vulnerability has a CVSS score of 8.8 and can allow a low-privileged user with network access via HTTP to compromise Oracle Quality. Successful attacks can result in the takeover of Oracle Quality. This vulnerability affects Oracle Quality versions 12.2.3-12.2.15. Users should verify their version and apply patches accordingly.
A vulnerability exists in Oracle Quality, a component of Oracle E-Business Suite. The affected versions are 12.2.3-12.2.15. This vulnerability allows a low-privileged attacker with network access via HTTP to compromise Oracle Quality, potentially leading to its takeover. The CVSS 3.1 Base Score is 8.8, indicating high severity with impacts on Confidentiality, Integrity, and Availability.
A high-severity vulnerability was found in Oracle Advanced Outbound Telephony, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46950, has a CVSS score of 8.8 and can be easily exploited by low-privileged attackers with network access via HTTP, potentially leading to a takeover of the affected system. This vulnerability is located in the Internal Operations component and affe [truncated]
A high-severity vulnerability was found in Oracle Advanced Outbound Telephony, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46947, has a CVSS score of 8.8 and can be easily exploited by low-privileged attackers with network access via HTTP, potentially leading to a takeover of the affected system. The vulnerability is located in the Internal Operations component and has a [truncated]
A high-severity vulnerability was discovered in Oracle Cost Management, a product of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46940, has a CVSS score of 8.8 and can be easily exploited by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of Oracle Cost Management. The vulnerability is located in the Cost Planning component of Oracle Cost Manag [truncated]
A high-severity vulnerability was discovered in Oracle Configure to Order, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46939, has a CVSS score of 8.1 and can be easily exploited by a low-privileged attacker with network access via HTTP, potentially leading to unauthorized creation, deletion, or modification of critical data. This vulnerability affects Oracle Configure to [truncated]
A high-severity vulnerability was discovered in Oracle Cost Management, a product of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46938, has a CVSS score of 7.2 and can be easily exploited by a high-privileged attacker with network access via HTTP, potentially leading to a takeover of Oracle Cost Management. The vulnerability is located in the Cost Planning component. The CVSS vector is [truncated]
A vulnerability was discovered in Oracle iSetup, a component of Oracle E-Business Suite. The vulnerability affects versions 12.2.3-12.2.15 and has a CVSS score of 8.8, indicating high severity. A low-privileged attacker with network access via HTTP can exploit this vulnerability to compromise Oracle iSetup, potentially leading to takeover. This vulnerability is located in the General Ledger Update Transfo [truncated]
A high-severity vulnerability was discovered in Oracle Complex Maintenance, Repair and Overhaul, a product of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46935, has a CVSS score of 7.5 and can be exploited by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of the affected system. This vulnerability is located in the Internal Operations componen [truncated]
A high-severity vulnerability was discovered in Oracle Complex Maintenance, Repair and Overhaul, a product of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46934, has a CVSS score of 7.5 and can be exploited by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of the affected system. This vulnerability is difficult to exploit and affects versions 1 [truncated]
A critical vulnerability was discovered in Oracle Applications Manager, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46933, has a CVSS score of 9.9, indicating a high severity level. It affects versions 12.2.3-12.2.15 of Oracle Applications Manager and allows low-privileged attackers with network access via HTTP to compromise the system. Successful attacks can result in t [truncated]
A vulnerability was discovered in Oracle Enterprise Asset Management, a product of Oracle E-Business Suite. The vulnerability affects versions 12.2.3-12.2.15 and allows a low-privileged attacker with network access via HTTP to compromise the system. Successful attacks can result in unauthorized access to critical data and partial denial of service. This vulnerability has a high severity level with a CVSS [truncated]
A high-severity vulnerability was discovered in Oracle Enterprise Asset Management, a product of Oracle E-Business Suite, specifically in the Internal Operations component. The affected versions range from 12.2.6 to 12.2.15. This vulnerability is easily exploitable by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of Oracle Enterprise Asset Management. The CVSS 3 [truncated]
A critical vulnerability was discovered in Oracle In-Memory Cost Management for Discrete Industries, affecting versions 12.2.12-12.2.15. This easily exploitable vulnerability allows unauthenticated attackers with network access via HTTPS to compromise the system, potentially leading to unauthorized creation, deletion, or modification of critical data. The vulnerability has a high impact on confidentiality [truncated]
A high-severity vulnerability was discovered in Oracle Cost Management, a product of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46929, has a CVSS score of 8.8 and can be easily exploited by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of Oracle Cost Management. The vulnerability is located in the Cost Planning component of Oracle Cost Manag [truncated]
A high-severity vulnerability was discovered in Oracle Receivables, a product of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46927, has a CVSS score of 8.1 and can be exploited by unauthenticated attackers with network access via SOAP, potentially leading to a takeover of Oracle Receivables. The vulnerability is located in the Internal Operations component of Oracle Receivables and is [truncated]
A vulnerability was discovered in Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). The affected versions are 17.0-26.5. This easily exploitable vulnerability allows a low-privileged attacker with logon to the infrastructure where Siebel CRM Cloud Applications executes to compromise Siebel CRM Cloud Applications. While the vulnerability is in Siebel CRM Cloud Ap [truncated]
The CVE-2026-46925 vulnerability affects the Siebel CRM Cloud Applications product, specifically versions 17.0-26.5, and is classified as a difficult-to-exploit vulnerability in the Siebel Cloud Manager component. This vulnerability allows unauthenticated attackers with access to the physical communication segment to compromise the application, potentially leading to takeover of Siebel CRM Cloud Applicati [truncated]
A high-severity vulnerability was discovered in Oracle HR Intelligence, a component of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46922, has a CVSS score of 7.2 and can be easily exploited by a high-privileged attacker with network access via HTTP, potentially leading to a takeover of Oracle HR Intelligence. This vulnerability affects versions 12.2.3-12.2.15 of Oracle HR Intelligence. [truncated]
A vulnerability was discovered in Siebel CRM Cloud Applications, specifically in the Siebel Cloud Manager component. The vulnerability is easily exploitable, allowing a low-privileged attacker with network access via HTTP to compromise Siebel CRM Cloud Applications. Successful attacks can result in a takeover of Siebel CRM Cloud Applications. The vulnerability has a high CVSS score of 8.8, indicating high [truncated]
A high-severity vulnerability was discovered in Oracle Process Manufacturing Product Development, affecting versions 12.2.3-12.2.15. This easily exploitable vulnerability allows a low-privileged attacker with network access via HTTP to compromise the product, potentially leading to a full takeover. The vulnerability is located in the Quality Management Specs component and has significant impacts on confid [truncated]
A high-severity vulnerability was discovered in Oracle Complex Maintenance, Repair and Overhaul, a product of Oracle E-Business Suite. The vulnerability, tracked as CVE-2026-46915, has a CVSS score of 8.5 and can be exploited by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of the affected product. This vulnerability is difficult to exploit and requires low priv [truncated]
A high-severity vulnerability was found in Oracle Solaris 11.4, specifically in the filesystem component. This vulnerability is easily exploitable by a low-privileged attacker with logon access to the infrastructure where Oracle Solaris executes, potentially leading to unauthorized access to critical data or complete access to all Oracle Solaris accessible data, and unauthorized ability to cause a hang or [truncated]
A critical vulnerability was discovered in JD Edwards EnterpriseOne Tools, specifically in the Installation Security component. This vulnerability allows an unauthenticated attacker with logon to the infrastructure to compromise JD Edwards EnterpriseOne Tools, potentially leading to a takeover of the system. The vulnerability has a CVSS score of 9.3 and a CVSS Vector of (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C [truncated]
A critical vulnerability was discovered in JD Edwards EnterpriseOne Tools, a product of Oracle JD Edwards. The vulnerability, tracked as CVE-2026-46912, affects versions 9.2.0.0-9.2.26.2 and allows unauthenticated attackers with network access via HTTP to compromise the system. Successful attacks can result in unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Tools ac [truncated]
A critical vulnerability was discovered in JD Edwards EnterpriseOne Project Costing, a product of Oracle JD Edwards. The vulnerability, tracked as CVE-2026-46911, has a CVSS score of 9.6 and can be easily exploited by a low-privileged attacker with network access via JDENET. Successful attacks can result in unauthorized creation, deletion, or modification access to critical data or all JD Edwards Enterpri [truncated]
A critical vulnerability was discovered in JD Edwards EnterpriseOne Tools. The vulnerability has been assigned a CVSS score of 9.1, indicating a high severity level. It allows unauthenticated attackers with network access via HTTP to compromise JD Edwards EnterpriseOne Tools, potentially leading to unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Tools accessible dat [truncated]
A critical vulnerability was discovered in JD Edwards EnterpriseOne Tools, specifically in the Enterprise Infrastructure Security component. The vulnerability has a CVSS score of 9.8 and can result in a takeover of JD Edwards EnterpriseOne Tools. It is easily exploitable by an unauthenticated attacker with network access via HTTP. The vulnerability affects versions 9.2.0.0-9.2.26.2 of JD Edwards Enterpris [truncated]
A critical vulnerability was discovered in JD Edwards EnterpriseOne Order Promising, a product of Oracle JD Edwards. The vulnerability, tracked as CVE-2026-46907, has a CVSS score of 9.9 and allows low-privileged attackers with network access via HTTP to compromise the system. The supported version affected is 9.2. Successful attacks can result in takeover of JD Edwards EnterpriseOne Order Promising and m [truncated]
A critical vulnerability was discovered in JD Edwards EnterpriseOne Tools, affecting versions 9.2.0.0-9.2.26.2. This easily exploitable vulnerability allows a low-privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools, potentially impacting additional products. Successful attacks can result in unauthorized creation, deletion, or modification access to critical data o [truncated]