CVE-2026-46859 – Oracle Agile PLM
“A critical vulnerability in product lifecycle management can expose the systems that drive product development and operations.”
This patch addresses CVE-2026-46859 in Oracle Agile PLM. The vulnerability affects Oracle's Product Lifecycle Management platform, which is widely used to manage product data, engineering processes, manufacturing workflows, and compliance requirements across enterprise environments.
CVE-2026-46859 has a CVSS score of 9.8, which is Critical severity.
No verified exploitation has been reported. However, the Critical severity rating indicates a significant risk to affected environments. Because Agile PLM often serves as a central repository for product and engineering information, organizations should prioritize this update to reduce exposure and protect critical business operations.
Key Details
- Affected Product
- Oracle Agile Plm
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-287