CVE-2026-46859 – Oracle Agile PLM

CVSS 9.8 CRITICAL Critical or Zero Day – Immediate Deployment

“A critical vulnerability in product lifecycle management can expose the systems that drive product development and operations.”

This patch addresses CVE-2026-46859 in Oracle Agile PLM. The vulnerability affects Oracle's Product Lifecycle Management platform, which is widely used to manage product data, engineering processes, manufacturing workflows, and compliance requirements across enterprise environments.

CVE-2026-46859 has a CVSS score of 9.8, which is Critical severity.

No verified exploitation has been reported. However, the Critical severity rating indicates a significant risk to affected environments. Because Agile PLM often serves as a central repository for product and engineering information, organizations should prioritize this update to reduce exposure and protect critical business operations.

Key Details

Affected Product
Oracle Agile Plm
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
CWE Classification
CWE-287
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.