CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-46918
Critical

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite allows a low privileged attacker with network access via HTTP to take control of this product. Attacks may also significantly impact additional products in the system.

CVE-2026-46913
Critical

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle, concerning the installation security component. It allows an unauthenticated attacker with access to the infrastructure where JD Edwards EnterpriseOne Tools runs to compromise the tool.

CVE-2026-46912
Critical

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle, concerning the Web Runtime Security component, allows easy exploitation by an unauthenticated attacker with network access via HTTP. Attacks may lead to unauthorized access to critical data and complete access to all data available in JD Edwards EnterpriseOne Tools.

CVE-2026-46911
Critical

Vulnerability in the JD Edwards EnterpriseOne Project Costing product of Oracle JD Edwards (component: Job Costing) affects version 9.2. Easily exploitable vulnerability allows low privileged attacker to remotely compromise JD Edwards EnterpriseOne Project Costing data.

CVE-2026-46910
Critical

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards, affecting the Enterprise Infrastructure Security component. It allows an unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools.

CVE-2026-46909
Critical

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards, affecting the Enterprise Infrastructure Security component. Versions 9.2.0.0-9.2.26.2 are susceptible to easily exploitable attacks that can lead to takeover of JD Edwards EnterpriseOne Tools.

CVE-2026-46908
Critical

A vulnerability in the JD Edwards EnterpriseOne Accounts Payable product of Oracle allows a low privileged attacker with network access via HTTP to compromise the system. The impact of this vulnerability may also affect additional products, increasing the scope of potential attacks.

CVE-2026-46907
Critical

Vulnerability in the JD Edwards EnterpriseOne Order Promising product of Oracle allows a low privileged attacker with network access via HTTP to compromise the system. Attacks may significantly impact additional products, increasing the scope of the threat.

CVE-2026-46906
Critical

A vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle allows a low privileged attacker with network access via HTTP to compromise JD Edwards Tools. Attacks may significantly impact additional products, changing the scope of the threat.

CVE-2026-46905
Critical

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards, affecting the Web Runtime Security component. It allows an unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools.

CVE-2026-46904
Critical

A vulnerability in Oracle's JD Edwards EnterpriseOne Tools product allows an unauthenticated attacker with network access to compromise JD Edwards EnterpriseOne Tools. Versions 9.2.0.0-9.2.26.2 are affected by this easily exploitable vulnerability.

CVE-2026-46902
Critical

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite, affecting versions V15 and V16. It allows an unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise Command Center Framework.

CVE-2026-46901
Critical

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite, affecting versions V15 and V16. It allows easy exploitation by a low privileged attacker, potentially leading to unauthorized access and modification of critical data.

CVE-2026-46900
Critical

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite, affecting versions V15 and V16. Easily exploitable vulnerability allows low privileged attacker to remotely take control of Oracle Enterprise Command Center Framework.

CVE-2026-46899
Critical

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite, affecting versions V15 and V16. Easily exploitable by a low privileged attacker, potentially leading to unauthorized access to critical data.

CVE-2026-46897
Critical

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core) affects versions V15 and V16. It allows an easily exploitable low privileged attacker with network access via HTTP to compromise Oracle Enterprise Command Center Framework.

CVE-2026-46896
Critical

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite, affecting versions V15 and V16. Easily exploitable vulnerability allows a high privileged attacker to remotely take control of the Oracle Enterprise Command Center Framework.

CVE-2026-46895
Critical

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite, affecting versions V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise Command Center Framework.

CVE-2026-46893
Critical

Vulnerability in JD Edwards EnterpriseOne General Ledger (E1 Foundation component) version 9.2. Allows a low-privileged attacker with network access via SMB to take over the system, potentially impacting additional products (scope change).

CVE-2026-46892
Critical

Vulnerability in JD Edwards EnterpriseOne Human Resources Management (version 9.2) allows an unauthenticated attacker to remotely compromise data confidentiality and integrity via HTTP. The attack can lead to unauthorized creation, deletion, or modification of critical data and full access to it.

PreviousPage 29 of 554Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS