Unauthenticated Remote Exploit in JD Edwards EnterpriseOne Tools by Oracle
CVE-2026-46880
9.8CRITICAL
What is CVE-2026-46880?
A security flaw exists in the JD Edwards EnterpriseOne Tools, which facilitates unauthorized network access. This vulnerability can be exploited by attackers without any authentication, allowing them to compromise affected systems. The flaw resides in the Enterprise Infrastructure Security component, enabling potential control over the JD Edwards EnterpriseOne Tools, leading to severe confidentiality, integrity, and availability impacts. Organizations using versions 9.2.0.0 through 9.2.26.2 should take immediate action to mitigate potential threats.
Affected Version(s)
JD Edwards EnterpriseOne Tools 9.2.0.0 <= 9.2.26.2