CVE-2026-46774 – Oracle Unified Directory

CVSS 9.8 CRITICAL Critical or Zero Day – Immediate Deployment

“Critical directory service risks can weaken the identity backbone of the enterprise.”

This patch addresses three vulnerabilities in Oracle Unified Directory. The update includes two Critical severity vulnerabilities and one High severity vulnerability affecting Oracle’s directory services platform, which supports identity data, authentication flows, and enterprise access management.

CVE-2026-46773 has a CVSS score of 9.8, which is Critical severity. CVE-2026-46774 has a CVSS score of 9.8, which is Critical severity. CVE-2026-46776 has a CVSS score of 8.6, which is High severity.

No verified exploitation has been reported. The Critical severity ratings make this a high-priority update for organizations relying on Oracle Unified Directory for identity and access services.

Key Details

Affected Product
Oracle Unified Directory
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
CWE Classification
CWE-284
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.