Threat Intelligence Database

CVE-2026-46890 is a critical vulnerability in Oracle Siebel Apps - Marketing that allows an unauthenticated attacker with network access via HTTP to fully compromise the application. The vulnerability affects version 17.0 of the product. Exploitation can lead to complete takeover, impacting confidentiality, integrity, and availability. Oracle has published a Critical Security Patch Update advisory recommending prompt patching. No explicit patch version or fix details are provided in the advisory content. Mitigation includes applying Oracle's Critical Security Patch Update as soon as possible and potentially blocking network protocols required by the attack until patches are applied.

CVE-2026-46887 is a critical vulnerability in Oracle Siebel Apps - Marketing that allows an unauthenticated attacker with network access via HTTP to fully compromise the application. The vulnerability affects version 17.0 of the product. Successful exploitation can lead to complete takeover, impacting confidentiality, integrity, and availability. The vulnerability has a CVSS 3.1 base score of 9.8, indicating critical severity. Oracle has published a Critical Security Patch Update advisory recommending prompt patching to mitigate this and other vulnerabilities. No specific patch version is stated in the provided data, but Oracle strongly advises applying the June 2026 Critical Security Patch Update. Until patched, risk reduction may be possible by blocking required network protocols or restricting privileges, though these may impact functionality.

CVE-2026-46886 is a high-severity vulnerability in Oracle Siebel Apps - Marketing that allows a low privileged attacker with network access via HTTP to compromise the application. The vulnerability affects version 17.0 of Siebel Apps - Marketing. Successful exploitation can lead to full takeover of the affected component, impacting confidentiality, integrity, and availability. Oracle has included this vulnerability in its June 2026 Critical Security Patch Update advisory and strongly recommends applying the provided patches promptly. No explicit patch version or remediation level is stated in the advisory content, but Oracle emphasizes timely patch application to mitigate risk. Workarounds such as blocking network protocols or removing unnecessary privileges may reduce risk temporarily but could impact functionality.

CVE-2026-46884 is a critical vulnerability in Oracle Siebel Apps - Marketing that allows an unauthenticated attacker with network access via HTTP to fully compromise the application. The vulnerability affects version 17.0 of Siebel Apps - Marketing. Successful exploitation can lead to complete takeover of the affected system, impacting confidentiality, integrity, and availability. Oracle has published a Critical Security Patch Update advisory recommending prompt application of security patches to address this and other vulnerabilities. No explicit patch version or fix details are provided in the advisory excerpt, but Oracle strongly urges customers to apply the June 2026 Critical Security Patch Update without delay. Mitigations include blocking network protocols required for the attack and restricting privileges where possible, though these may affect application functionality.