Oracle Enterprise Manager Cloud Control (June 2026 CSPU)

The 13.5 and 24.1 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the June 2026 CSPU advisory. - Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Target...

CVE-2026-46875

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Deployment Library. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise...

CVE-2026-46866

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Agent Next Gen. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle...

CVE-2026-46867

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Extensibility Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromis...

CVE-2026-46868

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Extensibility Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromis...

CVE-2026-46864

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Agent Next Gen. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via SSH to compromise Oracle...

CVE-2026-46865

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Extensibility Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...

CVE-2026-46872

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Install. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise Oracle...

CVE-2026-46858

Vulnerability in the APM - Application Performance Management product of Oracle Enterprise Manager component: JADM, JVM Diagnostics. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2026-46857

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Oracle Management Service. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2026-46854

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Target Management. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2026-46855

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Metadata Plugin. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle...

CVE-2026-46856

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Metadata Plugin. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2026-46852

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Metadata Plugin. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle...

CVE-2026-46853

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Metadata Plugin. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2026-46832

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise...

Vulnerabilities are managed in Oracle Enterprise Manager

Oracle has identified several vulnerabilities in Oracle Enterprise Manager versions 13.5 and 24.1. The vulnerabilities in Oracle Enterprise Manager Base Platform versions 13.5 and 24.1 allow an attacker with low or no privileges, and access via HTTP or HTTPS, to gain complete control over the...

PT-2026-49964

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. An unauthenticated attacker...

PT-2026-49965

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Oracle Management Service component of the Oracle Enterprise Manager Base Platform. This flaw allows a...

PT-2026-49963

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. A low privileged attacker wi...