What is the CVSS score of EUVD-2026-37326?

EUVD-2026-37326 has a CVSS 3.1 base score of 8.7 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N. EPSS exploitation probability: 0.4%.

Which versions of Oracle WebCenter Content are affected by EUVD-2026-37326?

Oracle WebCenter Content 14.1.2.0.0 contains a critical vulnerability enabling attackers with low-privileged access to read and modify sensitive data across interconnected Oracle Fusion Middleware…

How to fix or mitigate EUVD-2026-37326?

Within 24 hours: Identify and document all systems running Oracle WebCenter Content 14.1.2.0.0; assess exposure of low-privileged user accounts and user interaction dependencies. Within 7 days: Implement network segmentation isolating WebCenter Content from sensitive systems, enforce strict least-privilege access controls, and enable enhanced logging for data access and cross-product authentication attempts. Within 30 days: Monitor Oracle security advisories and CISA bulletins daily for patch availability; develop and initiate execution of a remediation plan including planned version upgrades or system migration timelines.

Oracle WebCenter Content EUVD-2026-37326

| CVE-2026-46808 HIGH

Improper Access Control (CWE-284)

2026-06-16 oracle

Authentication Bypass Oracle Oracle Webcenter Content

8.7

CVSS 3.1 · Vendor: oracle

Severity by source

Vendor (oracle) PRIMARY

8.7 HIGH

AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

vuln.today AI

8.7 HIGH

HTTP-reachable Content Server (AV:N/AC:L), requires a low-privileged account (PR:L) and a second user's interaction (UI:R); scope change to other Fusion Middleware with full C/I impact, no availability effect.

3.1 AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

4.0 AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

Primary rating from Vendor (oracle).

CVSS VectorVendor: oracle

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Jun 16, 2026 - 22:52 vuln.today

DescriptionCVE.org

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 8.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N).

AnalysisAI

Cross-product compromise in Oracle WebCenter Content 14.1.2.0.0 (Content Server component) allows a low-privileged remote attacker to read and modify critical data with scope change to additional Oracle Fusion Middleware products. Exploitation requires user interaction from a separate victim and yields high confidentiality and integrity impact (CVSS 3.1 base 8.7); no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Obtain low-privileged WebCenter account

Delivery

Upload or modify crafted content item

Exploit

Send link or wait for victim workflow

Execution

Victim interacts with malicious content

Persist

Payload executes in victim's trust context

Impact

Cross-scope read/modify of critical Fusion Middleware data

Access

Obtain low-privileged WebCenter account

Delivery

Upload or modify crafted content item

Exploit

Send link or wait for victim workflow

Execution

Victim interacts with malicious content

Persist

Payload executes in victim's trust context

Impact

Cross-scope read/modify of critical Fusion Middleware data

Vulnerability AssessmentAI

Exploitation	Attacker must (1) reach the Oracle WebCenter Content 14.1.2.0.0 Content Server over HTTP/HTTPS, (2) hold valid low-privileged credentials on that instance (CVSS PR:L), and (3) induce a separate user - not themselves - to perform an action such as opening, previewing, or processing attacker-supplied content (CVSS UI:R). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	Signals are mixed: CVSS 3.1 is 8.7 (High) driven by network vector, low attack complexity, scope change, and high C/I impact, which Oracle classifies as 'easily exploitable'. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker who has obtained or registered a low-privileged WebCenter Content account uploads or edits a content item containing a malicious payload, then waits for a higher-privileged user (e.g., a reviewer or administrator) to open or process it over HTTP. When the victim interacts with the content, the payload executes in the victim's session context and the scope-change condition lets the attacker read or alter critical data across WebCenter Content and connected Fusion Middleware products. …
Remediation	Apply the fixes shipped in the Oracle Critical Patch Update June 2026 (https://www.oracle.com/security-alerts/cspujun2026.html) for Oracle WebCenter Content 14.1.2.0.0 - patch available per vendor advisory; no standalone fix version is published outside the CPU bundle. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify and document all systems running Oracle WebCenter Content 14.1.2.0.0; assess exposure of low-privileged user accounts and user interaction dependencies. …

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-35316 CRITICAL Act Now

9.9 Jun 16

Account takeover in Oracle WebCenter Content 12.2.1.4.0 and 14.1.2.0.0 (Content Server component) allows a low-privilege

CVE-2026-35321 CRITICAL Act Now

9.9 Jun 16

Takeover of Oracle WebCenter Content 12.2.1.4.0 and 14.1.2.0.0 is achievable by a low-privileged remote attacker over HT

CVE-2026-35323 CRITICAL Act Now

9.9 Jun 16

Takeover of Oracle WebCenter Content 12.2.1.4.0 and 14.1.2.0.0 is possible by a low-privileged attacker sending HTTP req

CVE-2026-35286 CRITICAL Act Now

9.8 Jun 16

Remote takeover of Oracle WebCenter Content 12.2.1.4.0 and 14.1.2.0.0 allows unauthenticated network attackers to fully

CVE-2026-35319 CRITICAL Act Now

9.8 Jun 16

Remote unauthenticated takeover of Oracle WebCenter Content 12.2.1.4.0 and 14.1.2.0.0 is possible via the Content Server

EUVD-2026-37326 vulnerability details – vuln.today

Back

Oracle WebCenter Content EUVD-2026-37326

Severity by source

CVSS VectorVendor: oracle

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

More from same product – last 7 days

Share

External POC / Exploit Code