Skip to main content

Oracle Applications Manager

1 CVEs product

Monthly

CVE-2026-46933 CRITICAL Act Now

Privilege escalation and full takeover of Oracle Applications Manager (component: Internal Operations) in Oracle E-Business Suite versions 12.2.3 through 12.2.15 allows a low-privileged remote attacker over HTTP to fully compromise the management product and, because of the scope change, significantly impact additional integrated products. Oracle rates the issue CVSS 9.9 with confidentiality, integrity, and availability impacts; no public exploit identified at time of analysis. Listed in the ENISA EUVD as EUVD-2026-37249 and addressed in Oracle's June 2026 Critical Patch Update.

Oracle Oracle Applications Manager Authentication Bypass
NVD
CVSS 3.1
9.9
EPSS
0.4%
EPSS 0% CVSS 9.9
CRITICAL Act Now

Privilege escalation and full takeover of Oracle Applications Manager (component: Internal Operations) in Oracle E-Business Suite versions 12.2.3 through 12.2.15 allows a low-privileged remote attacker over HTTP to fully compromise the management product and, because of the scope change, significantly impact additional integrated products. Oracle rates the issue CVSS 9.9 with confidentiality, integrity, and availability impacts; no public exploit identified at time of analysis. Listed in the ENISA EUVD as EUVD-2026-37249 and addressed in Oracle's June 2026 Critical Patch Update.

Oracle Oracle Applications Manager Authentication Bypass
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy