Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
HTTP-reachable, unauthenticated, but requires victim interaction; scope change into adjacent Fusion Middleware product, high confidentiality and integrity impact, no availability effect.
Primary rating from Vendor (oracle).
CVSS Vector (Vendor: oracle)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Description (CVE.org)
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 9.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N).
Analysis (AI)
Cross-scope compromise in Oracle WebCenter Content 14.1.2.0.0 (Content Server component) allows an unauthenticated remote attacker to read, modify, or delete all WebCenter Content-accessible data when a victim is lured into interacting with attacker-supplied content over HTTP. The scope-changed (S:C) nature of the flaw means impact extends beyond WebCenter Content into adjacent products in the Fusion Middleware deployment, earning a CVSS 9.3 rating. …
Vulnerability Assessment (AI)
| Exploitation | Requires a reachable Oracle WebCenter Content 14.1.2.0.0 Content Server over HTTP and a victim user - distinct from the attacker - who interacts with attacker-controlled content (UI:R), typically by clicking a crafted link or visiting a malicious page while a session to the Content Server is established or establishable. … |
| Risk Assessment | All hard signals point to a high-priority issue: CVSS 9.3 with AV:N/AC:L/PR:N reflects easy, unauthenticated, network-reachable exploitation, and the S:C scope change is what pushes the score above 9. … |
| Exploit Scenario | An attacker hosts a crafted page or sends a link (email, Teams, Slack) to a WebCenter Content user with an active session; when the victim clicks, the page issues HTTP requests that exploit the Content Server's flaw to create, modify, or exfiltrate documents under the victim's authority, with the scope change letting the same request also affect a connected Fusion Middleware product. No public exploit is identified at the time of analysis, but the AC:L/PR:N profile means a working PoC, once published, would be straightforward to weaponise against any exposed 14.1.2.0.0 portal. |
| Remediation | Patch available per vendor advisory - apply the fixes in Oracle's Critical Patch Update Advisory of June 2026 (https://www.oracle.com/security-alerts/cspujun2026.html), which is the only release channel Oracle ships security fixes through for WebCenter Content; a specific patched build number is not surfaced in the supplied input, so consult the CPU matrix for the exact 14.1.2.0.0 patch ID applicable to your environment. … |
Recommended Action (AI)
Within 24 hours: inventory all Oracle WebCenter Content 14.1.2.0.0 deployments and document connected Fusion Middleware products; enforce HTTPS-only protocols and disable HTTP access. …
EUVD-2026-37323