Zero Day MonitorZDM

← Back to list

7.8

CVE-2026-46888EXPLOITEDPATCHED

oracle · siebel crm deployment

CVE-2026-46888: Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM (component: Database Upgrade). Supported versio

Description

Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM (component: Database Upgrade). Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Siebel CRM Deployment executes to compromise Siebel CRM Deployment. Successful attacks of this vulnerability can result in takeover of Siebel CRM Deployment. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Affected Products

Vendor	Product	Versions
oracle	siebel crm deployment	17.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
oracle	siebel crm	cert_advisory	90%

References

https://www.oracle.com/security-alerts/cspujun2026.html(vendor-advisory)

Related News (2 articles)

Tier B

BSI Advisories3h ago

[NEU] [hoch] Oracle Siebel CRM: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB7h ago

CVE-2026-46888 | Oracle Siebel CRM Deployment up to 26.5 Database Upgrade Local Privilege Escalation

→ No new info (linked only)

CVSS 3.17.8 CRITICAL

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

https://www.oracle.com/security-alerts/cspujun2026.html

PublishedJun 16, 2026

Last enriched7h agov2

Trending Score61

Source articles2

Independent2

Info Completeness8/14

Missing: epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-35273EXPKEV

CVE-2026-35273: Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mana

CRITICALCVE-2026-46851EXP

CVE-2026-46851: Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Security). The

CRITICALCVE-2026-35275EXP

CVE-2026-35275: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Shared Folders). The supported

CRITICALCVE-2026-46914EXP

CVE-2026-46914: Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is a

CRITICALCVE-2026-46849EXP

CVE-2026-46849: Vulnerability in the PeopleSoft Enterprise CS Student Financials product of Oracle PeopleSoft (component: Other). The

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 16, 2026

Actively Exploited

Jun 16, 2026

Patch Available

Jun 16, 2026

Discovered by ZDM

Jun 16, 2026

Updated: severity, activelyExploited

Jun 17, 2026

Version History

v2

Last enriched 7h ago

v2Tier C7h ago

Updated severity to CRITICAL, marked exploit as not available, and noted that the vulnerability is actively exploited.

severityactivelyExploited

via VulDB

v115h ago

Initial creation