Vulnerability in Oracle Receivables of Oracle E-Business Suite
CVE-2026-46927

8.1HIGH

Key Information:

Vendor: Oracle
Status: Oracle Receivables
Vendor: CVE Published:; 16 June 2026

What is CVE-2026-46927?

An access control vulnerability exists in the Oracle Receivables component of Oracle E-Business Suite, impacting supported versions between 12.2.3 and 12.2.15. This vulnerability can be exploited by unauthenticated attackers with network access via SOAP, potentially allowing for unauthorized takeover of the Oracle Receivables system. The risk includes serious implications for confidentiality, integrity, and availability of the product, emphasizing the need for prompt attention to security measures.

Affected Version(s)

Oracle Receivables 12.2.3 <= 12.2.15

References

https://www.oracle.com/security-alerts/cspujun2026.html

vendor-advisory

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
May 18, 2026

CVE-2026-46927 Data

JSON