CVE-2026-46783
Undergoing Analysis Undergoing Analysis - In Progress

Remote Code Execution in Oracle WebCenter Content Imaging

Vulnerability report for CVE-2026-46783, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-17

Last updated on: 2026-06-18

Assigner: Oracle

Description

Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content: Imaging. Successful attacks of this vulnerability can result in takeover of WebCenter Content: Imaging. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-17
Last Modified
2026-06-18
Generated
2026-07-08
AI Q&A
2026-06-17
EPSS Evaluated
2026-07-06
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
oracle webcenter_content 12.2.1.4.0
oracle webcenter_content 14.1.2.0.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the WebCenter Content: Imaging product of Oracle Fusion Middleware, specifically in the Core component. It affects supported versions 12.2.1.4.0 and 14.1.2.0.0.

The vulnerability is easily exploitable by an unauthenticated attacker who has network access via HTTP. Successful exploitation can lead to a complete takeover of the WebCenter Content: Imaging system.

The severity is very high, with a CVSS 3.1 base score of 9.8, indicating critical impacts on confidentiality, integrity, and availability.

Impact Analysis

If exploited, this vulnerability can allow an attacker to fully compromise the WebCenter Content: Imaging system without any authentication.

  • Loss of confidentiality: sensitive information stored or processed by the system can be accessed.
  • Loss of integrity: data within the system can be altered or corrupted.
  • Loss of availability: the system can be disrupted or taken offline.

Overall, this can lead to significant operational, reputational, and security risks.

Compliance Impact

The vulnerability allows an unauthenticated attacker with network access to fully compromise the WebCenter Content: Imaging product, resulting in a complete takeover. This can lead to unauthorized access, modification, and disruption of sensitive data.

Such a compromise can severely impact compliance with common standards and regulations like GDPR and HIPAA, which require strict protection of confidentiality, integrity, and availability of sensitive information.

Failure to protect data as mandated by these regulations could result in legal penalties, loss of trust, and other compliance-related consequences.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46783. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart