Vulnerability in JD Edwards EnterpriseOne Project Costing by Oracle
CVE-2026-46911
9.6CRITICAL
Key Information:
- Vendor
Oracle
- Vendor
- CVE Published:
- 16 June 2026
What is CVE-2026-46911?
A security flaw exists in Oracle's JD Edwards EnterpriseOne Project Costing that allows a low-privileged attacker with network access via JDENET to manipulate data. This vulnerability enables unauthorized creation, deletion, or modification of critical data, potentially impacting the confidentiality and integrity of the data within JD Edwards EnterpriseOne Project Costing. Exploitation of this vulnerability not only affects the Project Costing product but may also extend its impact to other interconnected systems. Organizations using affected versions are advised to implement security measures to mitigate risks.
Affected Version(s)
JD Edwards EnterpriseOne Project Costing 9.2