› 11:34:45 NCSC-NL CVE-2026-20230 Cisco Unified Communications Manager · › 06:28:25 CERT-EE — May saw the highest number of cyber incidents with an impact recorded… · › 14:18:39 CCB CVE-2026-7312 Multiple Critical Vulnerabilities in Progress Sitefinity · › 11:52:25 BSI CVE-2026-40385 libexif: Mehrere Schwachstellen ermöglichen Denial of Service und Off… · › 11:52:24 BSI CVE-2026-25679 Golang Go: Mehrere Schwachstellen ermöglichen nicht spezifizierten An… · › 11:52:23 BSI CVE-2025-61732 Golang Go: Mehrere Schwachstellen · › 11:52:22 BSI CVE-2025-61726 Golang Go: Mehrere Schwachstellen · › 11:47:39 BSI CVE-2026-33845 GnuTLS: Mehrere Schwachstellen · › 11:47:37 BSI CVE-2026-34986 Red Hat Enterprise Linux (go-jose): Schwachstelle ermöglicht Denial o… · › 11:47:35 BSI CVE-2026-33186 Red Hat OpenShift Container Platform (gRPC-Go): Schwachstelle ermögli… · › 11:47:33 BSI CVE-2026-27140 Golang Go: Mehrere Schwachstellen · › 11:47:32 BSI CVE-2026-35385 OpenSSH: Mehrere Schwachstellen ·

Critique CCB · Belgique CVE-2026-46840

Multiple Vulnerabilities in Oracle Products

Publié 29 mai 2026 à 14:43

Description

We want to highlight the following vulnerabilities due to their severity and potential impact. CVE-2026-46840 affects the Backend-as-a-Service component of Oracle REST Data Services versions 24.2.0 through 26.1.0. The vulnerability is easily exploitable by an unauthenticated attacker with network access via HTTPS, requiring no user interaction. Oracle has indicated a scope change, meaning exploitation can extend impact beyond the directly vulnerable product to other dependent systems. Successful exploitation results in full takeover of Oracle REST Data Services. CVE-2026-46817 affects the File Transmission component of the Oracle Payments module within Oracle E-Business Suite versions 12.2.3 through 12.2.15. The vulnerability is easily exploitable by an unauthenticated attacker with networ