Internal Operations Vulnerability in Oracle E-Business Suite iSupport
CVE-2026-46946

9.1CRITICAL

Key Information:

Vendor: Oracle
Status: Oracle Isupport
Vendor: CVE Published:; 16 June 2026

What is CVE-2026-46946?

A vulnerability exists in Oracle iSupport, part of the Oracle E-Business Suite, allowing a high privileged attacker with network access via HTTP to compromise the application. This vulnerability may lead to unauthorized takeover of the iSupport product and can significantly impact related products due to a change in the scope of the attack. Security measures should be promptly implemented to mitigate potential risks associated with this issue.

Affected Version(s)

Oracle iSupport 12.2.3 <= 12.2.15

References

https://www.oracle.com/security-alerts/cspujun2026.html

vendor-advisory

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
May 18, 2026

CVE-2026-46946 Data

JSON