Mallory
Unrated

Unauthenticated takeover in Oracle Enterprise Command Center Framework Core

Identifiers: CVE-2026-46902

CVE-2026-46902 is a critical vulnerability in the Core component of Oracle Enterprise Command Center Framework, part of Oracle E-Business Suite. Oracle indicates that supported versions V15 and V16 are affected. The issue is remotely exploitable over HTTPS by an unauthenticated attacker and requires only network access to the exposed service. Oracle states that successful exploitation can result in compromise or takeover of Oracle Enterprise Command Center Framework. The provided advisory does not disclose the precise vulnerable function, code path, or root cause class, so more specific technical characterization is currently not available.


ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can lead to full compromise of the Oracle Enterprise Command Center Framework instance, with high impact to confidentiality, integrity, and availability. In practical terms, this implies an unauthenticated remote attacker may be able to gain control over the affected application, access sensitive data handled by the framework, modify application state or content, and disrupt service operation. Oracle assigns CVSS 3.1 9.8 with impacts C:H/I:H/A:H.

Mitigation

If you can’t patch tonight, do this now.

If immediate patching is not possible, reduce exposure by restricting or blocking network access to the vulnerable HTTPS service to only trusted sources, and remove unnecessary privileges or access paths associated with the affected application where operationally feasible. Oracle notes that protocol blocking or privilege reduction may affect application functionality, should be validated in non-production environments first, and is not a substitute for applying the vendor patch.

Remediation

Patch, then assume compromise.

Apply the June 2026 Oracle Critical Security Patch Update addressing CVE-2026-46902. Oracle recommends patching as soon as possible and remaining on actively supported product versions so security fixes are available. For affected Oracle Enterprise Command Center Framework deployments on V15 and V16, upgrade or apply the vendor-provided fixed release/update as specified by Oracle.
PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.


No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

Vendor | Product | Type
Oracle | Enterprise Command Center Framework | application

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

2 sources tracked across advisories and community write-ups. News coverage will land here when it surfaces.

No news coverage yet. Advisories and community discussion only.


Social activity: 1

Community discussion across Reddit, Mastodon, and other social sources.