Unauthenticated Remote Code Execution Vulnerability in Oracle Enterprise Manager
CVE-2026-46857
9.8CRITICAL
Key Information:
- Vendor
Oracle
- Vendor
- CVE Published:
- 16 June 2026
What is CVE-2026-46857?
A vulnerability exists in Oracle Enterprise Manager Base Platform, specifically within the Oracle Management Service component. This flaw allows unauthenticated attackers with network access via HTTP to exploit the system easily. By successfully executing this exploit, attackers can compromise the functionality of the Oracle Enterprise Manager Base Platform, potentially leading to full system takeover. The affected versions include 13.5 and 24.1, making it imperative for users of these versions to assess their exposure and take necessary security measures.
Affected Version(s)
Oracle Enterprise Manager Base Platform 13.5
Oracle Enterprise Manager Base Platform 24.1