Vulnerability in Oracle Enterprise Manager's Agent Next Gen Component
CVE-2026-46864

8.8HIGH

Key Information:

Vendor

Oracle

Vendor
CVE Published:
16 June 2026

What is CVE-2026-46864?

A security flaw exists in the Agent Next Gen component of Oracle Enterprise Manager, allowing a low-privileged attacker with network access via SSH to compromise the Oracle Enterprise Manager Base Platform. This vulnerability can potentially lead to a complete takeover of the platform, resulting in significant impacts on confidentiality, integrity, and availability. Users of Oracle Enterprise Manager versions 13.5 and 24.1 should take immediate action to mitigate the risks associated with this issue.

Affected Version(s)

Oracle Enterprise Manager Base Platform 13.5

Oracle Enterprise Manager Base Platform 24.1

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.