Product

REST Data Services (24.2.0-26.1.0)

4 briefs RSS

CVE-2026-46829: Oracle REST Data Services Unauthenticated Denial of Service

An unauthenticated attacker with network access via HTTPS can exploit CVE-2026-46829 in Oracle REST Data Services versions 24.2.0 through 26.1.0, leading to a denial of service.

REST Data Services dos oracle rest CVE-2026-46829

2r 1t 1c 1h ago

medium advisory

CVE-2026-35266: Oracle REST Data Services Vulnerability Allows Unauthorized Data Access and Modification

2 rules 1 CVE

A vulnerability exists in Oracle REST Data Services versions 24.2.0 to 26.1.0, where a low-privileged attacker with network access via HTTPS can, with human interaction, gain unauthorized data access, modification, and cause a partial denial of service.

REST Data Services vulnerability oracle ords

2r 1c 2h ago

critical advisory

CVE-2026-46840 - Oracle REST Data Services Takeover Vulnerability

2 rules 1 CVE

CVE-2026-46840 is a critical vulnerability in Oracle REST Data Services (ORDS) that allows an unauthenticated attacker with network access to achieve complete takeover of the service, potentially impacting additional products due to scope change.

REST Data Services oracle rds rest vulnerability cve-2026-46840 takeover

2r 1c 2h ago

critical advisory

CVE-2026-46839: Oracle REST Data Services Vulnerability Allows Remote Takeover

2 rules 1 TTP 1 CVE

CVE-2026-46839 is an easily exploitable vulnerability in Oracle REST Data Services versions 24.2.0 through 26.1.0, allowing a low-privileged attacker with network access via HTTPS to compromise the service, potentially impacting other products and leading to a complete takeover.

REST Data Services cve rce oracle ords

2r 1t 1c 2h ago