Internal Operations Vulnerability in Oracle E-Business Suite Financials for EMEA
CVE-2026-46969

7.2HIGH

Key Information:

Vendor: Oracle
Status: Oracle Financials For Emea
Vendor: CVE Published:; 16 June 2026

What is CVE-2026-46969?

A security flaw has been identified in Oracle Financials for EMEA within the Oracle E-Business Suite, affecting multiple versions from 12.2.3 to 12.2.15. This vulnerability allows an attacker with high privileges and network access via HTTP to potentially gain control over the financial software. If successfully exploited, the attacker could lead to severe consequences for confidentiality, integrity, and availability of the system. Organizations using affected versions are advised to review their security measures and apply the necessary patches provided in the Oracle Advisory.

Affected Version(s)

Oracle Financials for EMEA 12.2.3 <= 12.2.15

References

https://www.oracle.com/security-alerts/cspujun2026.html

vendor-advisory

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
May 18, 2026

CVE-2026-46969 Data

JSON