CVE-2026-46965 – Oracle Universal Work Queue
“Critical workflow vulnerabilities can disrupt the systems that keep business operations moving.”
This patch addresses four vulnerabilities in Oracle Universal Work Queue. The update includes two Critical severity vulnerabilities and two High severity vulnerabilities affecting a platform used to route, prioritize, and manage work items across enterprise business processes and service operations.
CVE-2026-46963 has a CVSS score of 9.9, which is Critical severity. CVE-2026-46964 has a CVSS score of 9.9, which is Critical severity. CVE-2026-46965 has a CVSS score of 8.8, which is High severity. CVE-2026-46966 has a CVSS score of 7.5, which is High severity.
No verified exploitation has been reported. The presence of multiple Critical severity vulnerabilities within a workflow management platform makes this a high-priority update for organizations that depend on Oracle Universal Work Queue to support business-critical operations.
Key Details
- Affected Product
- Oracle Universal Work Queue
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- Low
- User Interaction
- None
- CWE Classification
- CWE-284