Skip to main content

Oracle Enterprise Asset Management

2 CVEs product

Monthly

CVE-2026-46932 HIGH This Week

Information disclosure and partial denial of service in Oracle E-Business Suite Enterprise Asset Management (versions 12.2.3 through 12.2.15) allows a low-privileged authenticated attacker with HTTP network access to read all data accessible to the Enterprise Asset Management module and degrade its availability. Oracle rates the issue 7.1 CVSS 3.1 and describes it as easily exploitable. No public exploit identified at time of analysis and the CVE is not currently listed in CISA KEV.

Authentication Bypass Denial Of Service Oracle Oracle Enterprise Asset Management
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2026-46931 HIGH This Week

Account takeover in Oracle Enterprise Asset Management (Oracle E-Business Suite 12.2.6 through 12.2.15) allows a low-privileged remote attacker to fully compromise the Internal Operations component over HTTP. The flaw carries a CVSS 3.1 base score of 8.8 with high confidentiality, integrity, and availability impacts, and no public exploit identified at time of analysis. Because EBS instances frequently underpin manufacturing and asset-management workflows for large enterprises, successful exploitation could pivot from a foothold account into a full module takeover.

Oracle Oracle Enterprise Asset Management Authentication Bypass
NVD
CVSS 3.1
8.8
EPSS
0.4%
EPSS 0% CVSS 7.1
HIGH This Week

Information disclosure and partial denial of service in Oracle E-Business Suite Enterprise Asset Management (versions 12.2.3 through 12.2.15) allows a low-privileged authenticated attacker with HTTP network access to read all data accessible to the Enterprise Asset Management module and degrade its availability. Oracle rates the issue 7.1 CVSS 3.1 and describes it as easily exploitable. No public exploit identified at time of analysis and the CVE is not currently listed in CISA KEV.

Authentication Bypass Denial Of Service Oracle +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Account takeover in Oracle Enterprise Asset Management (Oracle E-Business Suite 12.2.6 through 12.2.15) allows a low-privileged remote attacker to fully compromise the Internal Operations component over HTTP. The flaw carries a CVSS 3.1 base score of 8.8 with high confidentiality, integrity, and availability impacts, and no public exploit identified at time of analysis. Because EBS instances frequently underpin manufacturing and asset-management workflows for large enterprises, successful exploitation could pivot from a foothold account into a full module takeover.

Oracle Oracle Enterprise Asset Management Authentication Bypass
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy