7.5
CVE-2026-46835
- EPSS 0.27%
- Veröffentlicht 28.05.2026 20:17:15
- Zuletzt bearbeitet 03.06.2026 19:00:41
- Quelle secalert_us@oracle.com
- CVE-Watchlists
- Unerledigt
Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Net Service. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Database Server Version >= 23.4.0 <= 23.26.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.189 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert_us@oracle.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
https://www.oracle.com/security-alerts/cspumay2026.html