CVE-2026-35319 – Oracle WebCenter Content
“This patch closes a large cluster of serious WebCenter Content risks before they can turn into business disruption.”
Oracle WebCenter Content has been updated to address 26 vulnerabilities across critical and high severity levels. The critical vulnerabilities are CVE-2026-35270, CVE-2026-35286, CVE-2026-35316, CVE-2026-35319, CVE-2026-35320, CVE-2026-35321, CVE-2026-35323, CVE-2026-46766, CVE-2026-46777, CVE-2026-46785, CVE-2026-46786, CVE-2026-46789, CVE-2026-46795, CVE-2026-46805, and CVE-2026-46813. Their CVSS scores are 9.1, 9.8, 9.9, 9.8, 9.0, 9.9, 9.9, 9.8, 9.1, 9.3, 9.6, 9.6, 9.3, 9.3, and 9.8, which are Critical severity.
The high severity vulnerabilities are CVE-2026-35315, CVE-2026-35317, CVE-2026-35322, CVE-2026-35324, CVE-2026-35325, CVE-2026-46787, CVE-2026-46788, CVE-2026-46804, CVE-2026-46806, CVE-2026-46808, and CVE-2026-35326. Their CVSS scores are 8.8, 8.8, 8.8, 8.8, 8.8, 8.0, 8.4, 8.7, 8.2, 8.7, and 7.2, which are High severity.
Key Details
- Affected Product
- Oracle Webcenter Content
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-284