CVE-2026-46777
published 2026-06-17CVE-2026-46777: Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are…
PriorityP262critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
0.43%
34.1th percentile
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | >= 0 < 4.4.0-279.313 | 4.4.0-279.313 |
| linux | linux_kernel | >= 0 < 4.15.0-248.260 | 4.15.0-248.260 |
| oracle | webcenter_content | — | — |
| oracle | webcenter_content | — | — |
| oracle_corporation | oracle_webcenter_content | — | — |
| oracle_corporation | oracle_webcenter_content | — | — |
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
cvelistv5v3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
osv5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server).
ghsa_unreviewed·2026-06-17
CVE-2026-46777 [CRITICAL] CWE-284 Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server).
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
CVEList
CVE-2026-46777: Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server)
cvelistv5·2026-06-16·CVSS 9.1
CVE-2026-46777 [CRITICAL] CVE-2026-46777: Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server)
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
OSV
linux-gcp, linux-gcp-4.15, linux-gcp-fips vulnerabilities
osv·2026-04-06·CVSS 5.5
CVE-2024-46777 linux-gcp, linux-gcp-4.15, linux-gcp-fips vulnerabilities
linux-gcp, linux-gcp-4.15, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Cryptographic API;
- UDF file system;
- NFC subsystem;
- Network traffic control;
(CVE-2024-46777, CVE-2025-21735, CVE-2025-37849, CVE-2026-23060,
CVE-2026-23074)
OSV
linux, linux-aws, linux-aws-hwe, linux-kvm, linux-oracle vulnerabilities
osv·2026-04-02·CVSS 5.5
CVE-2024-46777 linux, linux-aws, linux-aws-hwe, linux-kvm, linux-oracle vulnerabilities
linux, linux-aws, linux-aws-hwe, linux-kvm, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Cryptographic API;
- UDF file system;
- NFC subsystem;
- Network traffic control;
(CVE-2024-46777, CVE-2025-21735, CVE-2025-37849, CVE-2026-23060,
CVE-2026-23074)
OSV
linux-fips vulnerabilities
osv·2026-04-02·CVSS 5.5
CVE-2021-47142 linux-fips vulnerabilities
linux-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- GPU drivers;
- BTRFS file system;
- GFS2 file system;
- UDF file system;
- NFC subsystem;
- Network traffic control;
(CVE-2021-47142, CVE-2021-47145, CVE-2021-47254, CVE-2024-46777,
CVE-2025-21735, CVE-2026-23060, CVE-2026-23074)
OSV
linux-fips, linux-aws-fips vulnerabilities
osv·2026-04-02·CVSS 5.5
CVE-2024-46777 linux-fips, linux-aws-fips vulnerabilities
linux-fips, linux-aws-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Cryptographic API;
- UDF file system;
- NFC subsystem;
- Network traffic control;
(CVE-2024-46777, CVE-2025-21735, CVE-2025-37849, CVE-2026-23060,
CVE-2026-23074)
OSV
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
osv·2026-04-01·CVSS 5.5
CVE-2021-47142 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- GPU drivers;
- BTRFS file system;
- GFS2 file system;
- UDF file system;
- NFC subsystem;
- Network traffic control;
(CVE-2021-47142, CVE-2021-47145, CVE-2021-47254, CVE-2024-46777,
CVE-2025-21735, CVE-2026-23060, CVE-2026-23074)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-17
Published