
Oracle WebCenter Content CVE-2026-46787

EUVD-2026-37305 · HIGH
Cross-Site Request Forgery (CSRF) (CWE-352)
2026-06-16 · oracle
CVSS 3.1: 8.0 · Vendor: oracle

Severity by source

Vendor (oracle), PRIMARY: 8.0 HIGH, AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
vuln.today AI: 8.0 HIGH

HTTP-reachable endpoint gives AV:N/PR:N; attacker depends on a privileged victim interaction and non-trivial preconditions, hence UI:R and AC:H; impact is data read/modify across components (S:C, C:H, I:H) with no DoS (A:N).

CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
CVSS 4.0: AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

Primary rating from Vendor (oracle).

CVSS Vector (Vendor: oracle)

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality: High
  • Integrity: High
  • Availability: None

Lifecycle Timeline

1. Analysis Generated: Jun 16, 2026 - 23:04 (vuln.today)

Description (CVE.org)

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 14.1.2.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 8.0 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N).

Analysis (AI)

Cross-component compromise of Oracle WebCenter Content 14.1.2.0.0 (Content Server) allows a remote unauthenticated attacker who can lure a privileged user into interacting with attacker-controlled content to read or modify all WebCenter Content data and pivot into additional Oracle Fusion Middleware products via a scope change. The CVSS 3.1 base score of 8.0 reflects high confidentiality and integrity impact tempered by high attack complexity and required user interaction. No public exploit was identified at the time of analysis.


Attack Chain (AI, Derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Identify exposed Content Server HTTP endpoint
  • Delivery: Stage malicious content or link
  • Exploit: Submit to WebCenter Content
  • Execution: Privileged reviewer interacts with item
  • Persist: Trigger cross-component flaw (scope change)
  • Impact: Read or modify managed and adjacent product data

Vulnerability Assessment (AI)

Exploitation: Exploitation requires that the Content Server HTTP interface of Oracle WebCenter Content 14.1.2.0.0 be reachable by the attacker (the vector is HTTP, no credentials needed) AND that a different privileged user, typically an administrator or content reviewer with rights inside Fusion Middleware, perform an interaction such as opening, previewing, or processing attacker-supplied content. …

Risk Assessment: The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N) yields 8.0: high impact, but with two meaningful brakes, AC:H (the attacker must win a race, meet a specific configuration, or stage non-trivial prerequisites) and UI:R (a privileged user must perform an action). …

Exploit Scenario: An external attacker submits crafted content or a crafted URL to a WebCenter Content endpoint reachable over HTTP, then waits for an administrator or content reviewer to open or preview it in the Content Server UI; the interaction triggers the flaw and, because of the scope change, the attacker gains read/write access to managed content and influence over an integrated Fusion Middleware component running with higher trust. The AC:H rating implies the attacker must satisfy timing or configuration prerequisites for the exploit to succeed, and because no public exploit was identified at the time of analysis, any current attempts would require original research.

Remediation: Apply the fixes bundled in the Oracle Critical Patch Update of June 2026 to WebCenter Content 14.1.2.0.0 by following the advisory at https://www.oracle.com/security-alerts/cspujun2026.html; Oracle CPUs deliver the patches as Stack Patch Bundles or one-off patches against the affected Fusion Middleware home, so plan a WebLogic domain outage for the OPatch run. …

Recommended Action (AI)

24 hours: Identify all Oracle WebCenter Content 14.1.2.0.0 deployments; restrict external access; implement network segmentation to isolate WebCenter from other systems. …
