Remote Code Execution in Oracle Enterprise Manager Base Platform
CVE-2026-46872
9CRITICAL
Key Information:
- Vendor
Oracle
- Vendor
- CVE Published:
- 16 June 2026
What is CVE-2026-46872?
A vulnerability exists in the Oracle Enterprise Manager Base Platform that allows privileged attackers with network access via HTTPS to exploit critical system components. Affected versions 13.5 and 24.1 are susceptible to unauthorized creation, deletion, and modification of critical data. Furthermore, the flaw permits unauthorized read access to sensitive information and could lead to denial of service conditions, including frequent crashes of Oracle Enterprise Manager services. This vulnerability has wide-reaching implications that may affect other Oracle products within the ecosystem.
Affected Version(s)
Oracle Enterprise Manager Base Platform 13.5
Oracle Enterprise Manager Base Platform 24.1