CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-46858

Vulnerability in the APM - Application Performance Management product of Oracle Enterprise Manager (component: JADM, JVM Diagnostics). Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise APM - Application Performance Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all APM - Application Performance Management accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of APM - Application Performance Management. CVSS 3.1 Base Score 9.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 35.5%

CVSS Severity

CVSS v3 Score 9.1

References

https://www.oracle.com/security-alerts/cspujun2026.html

Products affected by CVE-2026-46858

Oracle » Application Performance Management » Version: 13.5

cpe:2.3:a:oracle:application_performance_management:13.5
Oracle » Application Performance Management » Version: 24.1

cpe:2.3:a:oracle:application_performance_management:24.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-46858

Products

Pricing

Contact Us