CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-46890
Critical

Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM allows an unauthenticated attacker with network access via HTTP to compromise the application. Affected versions are 17.0-26.5.

CVE-2026-46889
Critical

Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM allows an unauthenticated attacker with network access via HTTP to compromise the application. Affected versions are 17.0-26.5.

CVE-2026-46887
Critical

Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM allows an unauthenticated attacker with network access via HTTP to compromise the application. Affected versions are 17.0-26.5.

CVE-2026-46884
Critical

A vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM allows an unauthenticated attacker with network access via HTTP to compromise the application. Supported versions affected are 17.0-26.5.

CVE-2026-46883
Critical

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards, affecting the Enterprise Infrastructure Security component. It allows an unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools.

CVE-2026-46882
Critical

A vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle allows an unauthenticated attacker with network access to compromise JD Edwards EnterpriseOne Tools. Affected versions are 9.2.0.0-9.2.26.2.

CVE-2026-46881
Critical

A vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle allows an unauthenticated attacker with network access to compromise JD Edwards EnterpriseOne Tools. Affected versions are 9.2.0.0-9.2.26.2.

CVE-2026-46880
Critical

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards, affecting the enterprise infrastructure security component. Versions 9.2.0.0-9.2.26.2 are susceptible to easily exploitable attacks that can lead to takeover of JD Edwards EnterpriseOne Tools.

CVE-2026-46879
Critical

A vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle allows an unauthenticated attacker with network access to compromise JD Edwards EnterpriseOne Tools. Versions 9.2.0.0-9.2.26.2 are affected by this easily exploitable flaw.

CVE-2026-46878
Critical

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards, affecting the Enterprise Infrastructure Security component. It allows an unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools.

CVE-2026-46875
Critical

A vulnerability in the Oracle Enterprise Manager Base Platform product (Deployment Library) allows a high privileged attacker with network access via HTTPS to compromise the platform. Affected versions are 13.5 and 24.1.

CVE-2026-46872
Critical

Vulnerability in the Oracle Enterprise Manager Base Platform product allows a high privileged attacker with network access via HTTPS to compromise the system. Attacks may significantly impact additional products, leading to unauthorized access to critical data and the ability to cause system crashes.

CVE-2026-46861
Critical

Vulnerability in the MySQL NDB Cluster product of Oracle MySQL allows a low privileged attacker with network access via HTTP to compromise the MySQL NDB Cluster. Attacks may significantly impact additional products, changing the scope of the threat.

CVE-2026-46860
Critical

Vulnerability in the MySQL Router product of Oracle MySQL allows an unauthenticated attacker with network access via HTTP to compromise MySQL Router. Affected versions are 9.0.0-9.7.0.

CVE-2026-46859
Critical

Vulnerability in the Oracle Agile PLM product that allows an unauthenticated attacker with network access to remotely take over the system. Version 9.3.6 is particularly vulnerable.

CVE-2026-46858
Critical

A vulnerability in the APM - Application Performance Management product of Oracle Enterprise Manager (component: JADM, JVM Diagnostics) allows easy exploitation by an unauthenticated attacker with network access via HTTP. It can lead to unauthorized creation, deletion, or modification of critical data and complete denial of service of APM.

CVE-2026-46857
Critical

Vulnerability in the Oracle Enterprise Manager Base Platform product allows an unauthenticated attacker with network access via HTTP to take over the platform. Affected versions are 13.5 and 24.1.

CVE-2026-46856
Critical

Vulnerability in the Oracle Enterprise Manager Base Platform product, concerning the Metadata Plugin, affects versions 13.5 and 24.1. It allows easy exploitation by an unauthenticated attacker with network access via HTTP, potentially leading to the takeover of the Oracle Enterprise Manager Base Platform.

CVE-2026-46855
Critical

Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting the Metadata Plugin component, concerns versions 13.5 and 24.1. It allows an easily exploitable attack by a low privileged attacker with network access via HTTPS, potentially leading to the takeover of the Oracle Enterprise Manager Base Platform.

CVE-2026-46854
Critical

A vulnerability in the Oracle Enterprise Manager Base Platform product allows a low privileged attacker with network access via HTTP to compromise the platform. Affects versions 13.5 and 24.1, and attacks may significantly impact additional products.

PreviousPage 30 of 554Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS