Skip to main content

Oracle Hr Intelligence

3 CVEs product

Monthly

CVE-2026-46971 HIGH This Week

Full compromise of Oracle HR Intelligence (a module of Oracle E-Business Suite) is possible for an authenticated low-privileged attacker who can reach the Internal Operations component over HTTP, per Oracle's June 2026 Critical Patch Update. The flaw affects EBS versions 12.2.3 through 12.2.15 and yields high impact across confidentiality, integrity, and availability, though Oracle rates exploitation as difficult (AC:H). No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Information Disclosure Oracle Oracle Hr Intelligence
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-46970 HIGH This Week

Full compromise of Oracle HR Intelligence (component: Internal Operations) in Oracle E-Business Suite versions 12.2.3 through 12.2.15 is possible by an authenticated high-privileged attacker over HTTP. Successful exploitation results in takeover of the HR Intelligence application with confidentiality, integrity, and availability impact (CVSS 3.1 base 7.2). There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Oracle Oracle Hr Intelligence Privilege Escalation
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2026-46922 HIGH This Week

Full compromise of Oracle HR Intelligence (component: Internal Operations) in Oracle E-Business Suite 12.2.3 through 12.2.15 is achievable by an authenticated high-privileged user over the network via HTTP, leading to takeover of the HR Intelligence module with full confidentiality, integrity, and availability impact. The flaw was reported by Oracle and disclosed in the June 2026 Critical Patch Update; there is no public exploit identified at time of analysis and the issue is not on CISA KEV. CVSS 3.1 base score is 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), reflecting easy exploitation once the high privilege precondition is met.

Oracle Oracle Hr Intelligence Authentication Bypass
NVD
CVSS 3.1
7.2
EPSS
0.5%
EPSS 0% CVSS 7.5
HIGH This Week

Full compromise of Oracle HR Intelligence (a module of Oracle E-Business Suite) is possible for an authenticated low-privileged attacker who can reach the Internal Operations component over HTTP, per Oracle's June 2026 Critical Patch Update. The flaw affects EBS versions 12.2.3 through 12.2.15 and yields high impact across confidentiality, integrity, and availability, though Oracle rates exploitation as difficult (AC:H). No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Information Disclosure Oracle Oracle Hr Intelligence
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Full compromise of Oracle HR Intelligence (component: Internal Operations) in Oracle E-Business Suite versions 12.2.3 through 12.2.15 is possible by an authenticated high-privileged attacker over HTTP. Successful exploitation results in takeover of the HR Intelligence application with confidentiality, integrity, and availability impact (CVSS 3.1 base 7.2). There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Oracle Oracle Hr Intelligence Privilege Escalation
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Full compromise of Oracle HR Intelligence (component: Internal Operations) in Oracle E-Business Suite 12.2.3 through 12.2.15 is achievable by an authenticated high-privileged user over the network via HTTP, leading to takeover of the HR Intelligence module with full confidentiality, integrity, and availability impact. The flaw was reported by Oracle and disclosed in the June 2026 Critical Patch Update; there is no public exploit identified at time of analysis and the issue is not on CISA KEV. CVSS 3.1 base score is 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), reflecting easy exploitation once the high privilege precondition is met.

Oracle Oracle Hr Intelligence Authentication Bypass
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy