Unauthenticated Remote Vulnerability in Oracle JD Edwards EnterpriseOne Tools
CVE-2026-46910

9.1CRITICAL

Key Information:

Vendor

Oracle

Vendor
CVE Published:
16 June 2026

What is CVE-2026-46910?

A vulnerability in Oracle JD Edwards EnterpriseOne Tools allows an unauthenticated attacker with network access via HTTP to exploit the system. This issue affects multiple supported versions, leaving the software susceptible to unauthorized access to sensitive data and potential denial of service. A successful exploitation could compromise the confidentiality and availability of JD Edwards EnterpriseOne Tools, causing operational disruptions and exposing critical information.

Affected Version(s)

JD Edwards EnterpriseOne Tools 9.2.0.0 <= 9.2.26.2

References

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.