Skip to main content

Apm Application Performance Management

1 CVEs product

Monthly

CVE-2026-46858 CRITICAL Act Now

Remote unauthenticated tampering and denial-of-service in Oracle Enterprise Manager's APM (Application Performance Management) component, specifically the JADM / JVM Diagnostics module in versions 13.5 and 24.1, allows attackers reachable over HTTP to modify, create, or delete any APM-accessible data and to hang or repeatedly crash the service. The flaw is rated CVSS 9.1 with no privileges or user interaction required, but at time of analysis there is no public exploit identified and the issue is not listed in CISA KEV.

Oracle Apm Application Performance Management Authentication Bypass
NVD
CVSS 3.1
9.1
EPSS
0.5%
EPSS 0% CVSS 9.1
CRITICAL Act Now

Remote unauthenticated tampering and denial-of-service in Oracle Enterprise Manager's APM (Application Performance Management) component, specifically the JADM / JVM Diagnostics module in versions 13.5 and 24.1, allows attackers reachable over HTTP to modify, create, or delete any APM-accessible data and to hang or repeatedly crash the service. The flaw is rated CVSS 9.1 with no privileges or user interaction required, but at time of analysis there is no public exploit identified and the issue is not listed in CISA KEV.

Oracle Apm Application Performance Management Authentication Bypass
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy