Threat Intelligence Database

CVE-2026-46926 is a high-severity vulnerability in Oracle's Siebel CRM Cloud Applications (component: Siebel Cloud Manager) affecting version 17.0. It allows a low privileged attacker with logon access to the infrastructure to fully compromise the Siebel CRM Cloud Applications, potentially impacting additional products. The vulnerability has a CVSS 3.1 base score of 8.8, indicating high confidentiality, integrity, and availability impacts. Oracle has included this vulnerability in its June 2026 Critical Security Patch Update advisory but has not explicitly stated a specific patch for this product version in the advisory content provided. Oracle strongly recommends applying Critical Security Patch Update patches promptly to mitigate risks. Until patches are applied, risk reduction may be possible by restricting network protocols required for exploitation and limiting user privileges, though these mitigations may affect application functionality.

CVE-2026-46925 is a high-severity vulnerability in Oracle Siebel CRM Cloud Applications (Siebel Cloud Manager component) affecting version 17.0. It allows an unauthenticated attacker with access to the physical communication segment attached to the hardware running the application to compromise the system. Successful exploitation can lead to full takeover of Siebel CRM Cloud Applications and may impact additional products. The vulnerability has a CVSS 3.1 base score of 8.3, indicating high confidentiality, integrity, and availability impacts. Oracle has published a Critical Security Patch Update advisory recommending prompt patching and mitigation steps. No explicit patch or fix version is stated in the advisory for this vulnerability, so patch status is not yet confirmed. Oracle strongly advises applying security patches without delay and suggests network protocol blocking and privilege restriction as temporary mitigations.

CVE-2026-46921 is a high-severity vulnerability in Oracle Siebel CRM Cloud Applications (component: Siebel Cloud Manager) affecting version 17.0. It allows a low privileged attacker with network access via HTTP to compromise the application, potentially leading to full takeover. The vulnerability has a CVSS 3.1 base score of 8.8, indicating high impact on confidentiality, integrity, and availability. Oracle has published a Critical Security Patch Update advisory recommending prompt patching. No explicit patch version is stated in the input data, but Oracle strongly advises applying the June 2026 Critical Security Patch Update. Mitigations include applying patches promptly and restricting network access or privileges where feasible until patched.

CVE-2026-46920 is a high-severity vulnerability in Oracle Siebel CRM Cloud Applications (Siebel Cloud Manager component) affecting version 17.0. It allows an unauthenticated attacker with network access via HTTP to potentially compromise the application, leading to full takeover. The vulnerability has a CVSS 3.1 base score of 8.1, indicating high impact on confidentiality, integrity, and availability. Oracle has published a Critical Security Patch Update advisory recommending prompt patching. No explicit patch version is stated for Siebel CRM Cloud Applications in the advisory, but Oracle strongly urges applying the June 2026 Critical Security Patch Update to mitigate this and other vulnerabilities. Mitigations include applying the security patches as soon as possible and potentially blocking network protocols required by the attack, though this may affect functionality.

CVE-2026-46919 is a critical vulnerability in Oracle Siebel CRM Cloud Applications (Siebel Cloud Manager component) affecting version 17.0. It allows an unauthenticated attacker with network access via HTTP to fully compromise the application, potentially leading to complete takeover. The vulnerability has a CVSS 3.1 base score of 9.8, indicating high impact on confidentiality, integrity, and availability. Oracle has published a Critical Security Patch Update advisory recommending prompt patching. No explicit patch version is stated in the input data, but Oracle strongly urges applying the June 2026 Critical Security Patch Update to mitigate this and other vulnerabilities. Workarounds include blocking required network protocols or removing unnecessary privileges, though these may impact functionality.