Description

Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Net Service. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Remediation

References

CVE-2026-46835

Related Vulnerabilities

WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.18.727)

WP Plugin Advanced Custom Fields Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-24241)

PHP Improper Input Validation Vulnerability (CVE-2015-8873)

WordPress Plugin YAWPP (Yet Another WordPress Petition Plugin) SQL Injection (1.2)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (4.4.3)

Severity

High

Classification

CVE-2026-46835 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities