top of page
perceptive_background_267k.jpg

Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows l…

Published:

27 mei 2026 om 22:00:00

Alert date:

28 mei 2026 om 22:04:22

Source:

nvd.nist.gov

Click to open the original link from this advisory

Enterprise Applications, Database & Storage, Web Technologies

Critical vulnerability in Oracle REST Data Services Core component affecting versions 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attackers with network access via HTTPS to compromise the service. The vulnerability has a CVSS 3.1 Base Score of 9.9 with high impact on confidentiality, integrity, and availability. Successful exploitation can result in complete takeover of Oracle REST Data Services. The vulnerability may significantly impact additional products due to scope change. Attack vector is network-based with low attack complexity and no user interaction required.

Technical details

Mitigation steps:

Affected products:

Oracle REST Data Services

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-46839
https://www.oracle.com/security-alerts/cspumay2026.html

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page