CVE-2026-46913 – JD Edwards EnterpriseOne Tools

CVSS 9.3 CRITICAL Critical or Zero Day – Immediate Deployment

“A broad set of critical ERP tool vulnerabilities can put the business platform itself at risk.”

This patch addresses fourteen vulnerabilities in Oracle JD Edwards EnterpriseOne Tools. The update includes thirteen Critical severity vulnerabilities and one High severity vulnerability affecting a core ERP platform component that supports enterprise application operations, administration, and business workflows.

CVE-2026-46878, CVE-2026-46879, CVE-2026-46880, CVE-2026-46881, CVE-2026-46882, CVE-2026-46883, CVE-2026-46904, CVE-2026-46905, and CVE-2026-46909 each have a CVSS score of 9.8, which is Critical severity. CVE-2026-46906 has a CVSS score of 9.6, which is Critical severity. CVE-2026-46910 has a CVSS score of 9.1, which is Critical severity. CVE-2026-46912 and CVE-2026-46913 each have a CVSS score of 9.3, which is Critical severity. CVE-2026-46903 has a CVSS score of 8.8, which is High severity.

No verified exploitation has been reported. The volume and severity of these vulnerabilities make this a high-priority update for JD Edwards environments.

Key Details

Affected Product
Oracle Jd Edwards Enterpriseone Tools
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
CWE Classification
CWE-284
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.