Skip to main content

Oracle Process Manufacturing Product Development

2 CVEs product

Monthly

CVE-2026-46918 CRITICAL Act Now

Account takeover in Oracle E-Business Suite's Process Manufacturing Product Development component (versions 12.2.3 through 12.2.15) allows a low-privileged remote attacker to fully compromise the module via HTTP and pivot into other Oracle products through a CVSS scope change. Oracle rates the issue 9.9/10 and describes it as easily exploitable; no public exploit identified at time of analysis and the CVE is not on the CISA KEV list.

Oracle Oracle Process Manufacturing Product Development Authentication Bypass
NVD
CVSS 3.1
9.9
EPSS
0.5%
CVE-2026-46916 HIGH This Week

Account takeover of Oracle Process Manufacturing Product Development (versions 12.2.3-12.2.15) is achievable by a low-privileged remote attacker over HTTP via the Quality Management Specs component. The flaw scores CVSS 8.8 with full confidentiality, integrity, and availability impact, and Oracle classifies it as easily exploitable; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Oracle Oracle Process Manufacturing Product Development Authentication Bypass
NVD
CVSS 3.1
8.8
EPSS
0.5%
EPSS 0% CVSS 9.9
CRITICAL Act Now

Account takeover in Oracle E-Business Suite's Process Manufacturing Product Development component (versions 12.2.3 through 12.2.15) allows a low-privileged remote attacker to fully compromise the module via HTTP and pivot into other Oracle products through a CVSS scope change. Oracle rates the issue 9.9/10 and describes it as easily exploitable; no public exploit identified at time of analysis and the CVE is not on the CISA KEV list.

Oracle Oracle Process Manufacturing Product Development Authentication Bypass
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Account takeover of Oracle Process Manufacturing Product Development (versions 12.2.3-12.2.15) is achievable by a low-privileged remote attacker over HTTP via the Quality Management Specs component. The flaw scores CVSS 8.8 with full confidentiality, integrity, and availability impact, and Oracle classifies it as easily exploitable; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Oracle Oracle Process Manufacturing Product Development Authentication Bypass
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy