Accounts Payable Vulnerability in JD Edwards EnterpriseOne by Oracle
CVE-2026-46908
9.9CRITICAL
Key Information:
- Vendor
Oracle
- Vendor
- CVE Published:
- 16 June 2026
What is CVE-2026-46908?
An exploitable vulnerability exists in Oracle's JD Edwards EnterpriseOne Accounts Payable product version 9.2, allowing a low privileged attacker with network access via HTTP to gain control over the system. Although primarily affecting Accounts Payable, exploitation can induce significant adverse effects on related components, leading to potential compromise of sensitive information and overall system integrity. The nature of this vulnerability underscores the importance of prompt mitigation measures for affected users.
Affected Version(s)
JD Edwards EnterpriseOne Accounts Payable 9.2