Installation Security Vulnerability in JD Edwards EnterpriseOne Tools by Oracle
CVE-2026-46913

9.3CRITICAL

Key Information:

Vendor

Oracle

Vendor
CVE Published:
16 June 2026

What is CVE-2026-46913?

A vulnerability has been identified in the Installation Security component of JD Edwards EnterpriseOne Tools from Oracle, allowing an unauthenticated attacker who can log on to the system infrastructure to gain inappropriate access. This threat not only compromises JD Edwards EnterpriseOne Tools itself but may also extend its impact across related products, leading to potential system takeover. Given the nature of the issue, it is crucial to assess and implement mitigations immediately to safeguard sensitive data and integrity.

Affected Version(s)

JD Edwards EnterpriseOne Tools 9.2.0.0 <= 9.2.26.2

References

CVSS V3.1

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.