Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows l…

A critical vulnerability (CVE-2026-46775) has been discovered in Oracle REST Data Services Core component affecting versions 24.2.0-26.1.0. The vulnerability is easily exploitable and allows low-privileged attackers with network access via HTTPS to compromise the service. Successful exploitation can result in complete takeover of Oracle REST Data Services and may significantly impact additional products due to scope change. The vulnerability has a CVSS 3.1 Base Score of 9.9, indicating maximum impact on confidentiality, integrity, and availability. The attack vector is network-based with low complexity, requiring only low privileges and no user interaction.