// Alert

Oracle Health threat report

CVE-2026-46839, a critical vulnerability in Oracle REST Data Services (ORDS) Core component, allows low-privileged authenticated attackers to execute arbitrary code and gain full system control via path traversal. Affects versions 24.2.0–26.1.0 with CVSS 9.9. Oracle released a patch in May 2026; exploitation complexity is low and no public PoC exists as of early June 2026, but technical details suggest rapid weaponization is likely.

// Get alerts for Oracle Health