Ords

A vulnerability exists in Oracle REST Data Services versions 24.2.0 to 26.1.0, where a low-privileged attacker with network access via HTTPS can, with human interaction, gain unauthorized data access, modification, and cause a partial denial of service.

CVE-2026-46839 is an easily exploitable vulnerability in Oracle REST Data Services versions 24.2.0 through 26.1.0, allowing a low-privileged attacker with network access via HTTPS to compromise the service, potentially impacting other products and leading to a complete takeover.