CVE-2026-46773 – Oracle Unified Directory
“Critical directory service risks can weaken the identity backbone of the enterprise.”
This patch addresses three vulnerabilities in Oracle Unified Directory. The update includes two Critical severity vulnerabilities and one High severity vulnerability affecting Oracle’s directory services platform, which supports identity data, authentication flows, and enterprise access management.
CVE-2026-46773 has a CVSS score of 9.8, which is Critical severity. CVE-2026-46774 has a CVSS score of 9.8, which is Critical severity. CVE-2026-46776 has a CVSS score of 8.6, which is High severity.
No verified exploitation has been reported. The Critical severity ratings make this a high-priority update for organizations relying on Oracle Unified Directory for identity and access services.
Key Details
- Affected Product
- Oracle Unified Directory
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-284