Vulnerability in JD Edwards EnterpriseOne Tools by Oracle
CVE-2026-46906
9.6CRITICAL
What is CVE-2026-46906?
A security flaw exists in Oracle's JD Edwards EnterpriseOne Tools that allows a low-privileged attacker to exploit the vulnerability with network access via HTTP. This could lead to unauthorized manipulation of critical data, including creation, deletion, or modification of information. The vulnerability affects specific versions of the software, potentially compromising the integrity and confidentiality of the data managed by JD Edwards EnterpriseOne Tools. Attacks exploiting this issue may have far-reaching consequences, impacting not just the tools themselves, but the broader enterprise systems using them.
Affected Version(s)
JD Edwards EnterpriseOne Tools 9.2.0.0 <= 9.2.26.2