CVE-2026-35295 – Oracle WebCenter Sites
“A public-facing content platform only needs one critical weakness to create a major business problem.”
Oracle WebCenter Sites has been updated to address eleven vulnerabilities spanning critical and high severity levels. CVE-2026-46798 and CVE-2026-46800 each have a CVSS score of 10.0, which is Critical severity. CVE-2026-35293, CVE-2026-35296, CVE-2026-46797, CVE-2026-46799, and CVE-2026-46801 each have a CVSS score of 9.8, which is Critical severity. CVE-2026-46809 has a CVSS score of 9.1, which is Critical severity.
The update also addresses several High severity vulnerabilities. CVE-2026-35318 has a CVSS score of 8.8, which is High severity. CVE-2026-46796 has a CVSS score of 8.0, which is High severity. CVE-2026-35295 has a CVSS score of 7.5, which is High severity. No verified exploitation information was provided for any of the vulnerabilities included in this update.
Key Details
- Affected Product
- Oracle Webcenter Sites
- Attack Vector
- Network
- Attack Complexity
- High
- Privileges Required
- Low
- User Interaction
- None
- CWE Classification
- CWE-306