Severity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Reachable over the network via HTTP (AV:N) with a low-privileged account (PR:L); requires victim interaction (UI:R); scope-changing (S:C) cross-product impact on confidentiality and integrity (C:H/I:H) with no availability effect (A:N), per Oracle's description.
Primary rating from Vendor (oracle).
CVSS Vector (Vendor: oracle)
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Description (CVE.org)
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 8.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N).
Analysis (AI)
Cross-tenant data compromise in Oracle WebCenter Content 14.1.2.0.0 (Content Server component) allows a low-privileged authenticated attacker to coerce another user into an interaction that yields unauthorized read, create, modify, or delete access to all WebCenter Content data, with a scope change extending impact to additional Oracle Fusion Middleware products. Disclosed in Oracle's June 2026 Critical Patch Update with a CVSS 3.1 base score of 8.7; no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Vulnerability Assessment (AI)
| Aspect | Details |
| --- | --- |
| Exploitation | Attacker must hold a low-privileged authenticated account on the targeted Oracle WebCenter Content 14.1.2.0.0 Content Server reachable over HTTP, and a different user - not the attacker - must perform an interaction with attacker-supplied content or URL through the Content Server interface (CVSS UI:R). … |
| Risk Assessment | The CVSS 3.1 vector AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N realistically describes a high-impact confidentiality and integrity issue that is gated by two real-world frictions: the attacker must already hold a low-privileged Content Server account, and a second user (likely a higher-privileged one) must perform an interaction such as clicking a link or rendering attacker-controlled content. … |
| Exploit Scenario | An attacker registers or compromises a low-privileged Content Server account, uploads or shares a crafted item, and lures an administrator or higher-privileged colleague into opening it through the Content Server UI; the resulting interaction causes the Content Server to act with the victim's authority across the trust boundary, letting the attacker read, modify, or delete arbitrary content and reach data in linked Fusion Middleware components. No public exploit identified at time of analysis, and the AC:L/UI:R profile means a single successful social-engineering touch is usually enough to complete the chain. |
| Remediation | Apply the patch from Oracle's June 2026 Critical Patch Update for Oracle WebCenter Content 14.1.2.0.0 as documented at https://www.oracle.com/security-alerts/cspujun2026.html (Patch available per vendor advisory; no independently confirmed standalone fix version beyond the CPU bundle in the supplied data). … |
Recommended Action (AI)
24 hours: Identify all systems running Oracle WebCenter Content 14.1.2.0.0, classify data sensitivity, and establish a baseline of authorized user access patterns. …
EUVD-2026-37322