CRITICAL · CVE-2026-46784 · CNA: oracle

CVE-2026-46784: Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core)

Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content: Imaging. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all WebCenter Content: Imaging accessible data as well as unauthorized access to critical data or complete access to all WebCenter Content: Imaging accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).

Metrics

  • CVSS v3.1: 9.1
  • Severity: CRITICAL
  • Fixed in:
  • Affected Products: 1


HarborGuard Analysis

Synopsis

This is an unauthenticated network-exploitable vulnerability in the Core component of Oracle WebCenter Content: Imaging, affecting versions 12.2.1.4.0 and 14.1.2.0.0. An attacker with HTTP access to the service needs no credentials and no victim interaction to exploit it. Successful exploitation gives the attacker full read access to all data the application can reach, plus the ability to create, modify, or delete critical content. HarborGuard tracks this advisory for patch availability and will make a patched-image rebuild available the moment Oracle publishes a fix.

HarborGuard Coverage

Detection: Available

Detection for CVE-2026-46784 is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images, including custom-built images that package WebCenter Content: Imaging components.

Triage: Available

HarborGuard scores this CVE at CVSS 9.1 (Critical) and surfaces it accordingly in each customer organization's alert queue, with per-environment compliance policy weighting applied so the right team receives the finding at the right priority level.

Patch: Pending upstream

No fix versions have been published by Oracle for this CVE. HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment an upstream fix is released; for customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will follow without manual intervention.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the WebCenter Content: Imaging service over the network via HTTP; no local or physical access is needed, making any internet- or intranet-exposed instance a direct target.

  • Authentication: Not required

    No credentials of any kind are required; the vulnerable endpoint is fully accessible to unauthenticated requests.

  • Victim interaction: Not required

    The attacker can exploit this vulnerability entirely on their own without any action from a logged-in user or administrator.

  • Attack complexity: Detail

    The exploit is reliable and condition-free, with no race conditions or environmental dependencies the attacker must satisfy.

Blast Radius

  • Reads all data accessible to the WebCenter Content: Imaging application, including stored documents, metadata, and any credentials or tokens the service holds.
  • Creates new content or records within the imaging system, potentially injecting malicious documents or false records into business workflows.
  • Modifies or deletes critical existing content, enabling data corruption, destruction of audit trails, or disruption of document-dependent business processes.

How HarborGuard Handles This

Available on HarborGuard: detection for this Critical (CVSS 9.1) CVE fires against any image in a customer registry or CI pipeline that carries affected versions of WebCenter Content: Imaging (12.2.1.4.0 or 14.1.2.0.0), with results routed according to each organization's compliance policy. Because Oracle has not yet published a fix, no patched-image rebuild is available at this time. HarborGuard re-checks the upstream advisory on every ingest cycle and will surface a patched rebuild automatically once Oracle ships a fix; for customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will trigger without manual steps. In the interim, teams should consider network-policy controls that restrict HTTP access to the WebCenter Content: Imaging service to known, trusted source IP ranges, egress filtering to limit lateral movement if the service is compromised, and feature-flag or deployment-level gating to take the service offline in environments where the exposure risk outweighs operational need.

Affected packages
  • Oracle Corporation / WebCenter Content: Imaging
    12.2.1.4.0 · 14.1.2.0.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N