{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-46907/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-16T19:27:49.253Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-46907","@id":"https://www.cve.org/CVERecord?id=CVE-2026-46907","description":"Vulnerability in the JD Edwards EnterpriseOne Order Promising product of Oracle JD Edwards (component: Order Promising Integration).   The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Order Promising.  While the vulnerability is in JD Edwards EnterpriseOne Order Promising, attacks may significantly impact additional products (scope change).  Successful attacks of this"},"products":[{"@id":"cpe:2.3:a:oracle_corporation:jd_edwards_enterpriseone_order_promising:9.2:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:oracle_corporation:jd_edwards_enterpriseone_order_promising:9.2:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"No fixed version is published yet; monitor the upstream advisory.","timestamp":"2026-06-16T19:27:49.253Z"}]}