CVE-2026-46902

CRITICAL oracle enterprise_command_center_framework NVD

CVSS Score 9.8

Severity CRITICAL

Published Jun 17, 2026

Vendor oracle

Description

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise Command Center Framework. Successful attacks of this vulnerability can result in takeover of Oracle Enterprise Command Center Framework. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Vendor Advisories

https://www.oracle.com/security-alerts/cspujun2026.html

References

https://www.oracle.com/security-alerts/cspujun2026.html