Oracle Database Net Service Unauth TLS Exploit CVE-2026-46833 (23.4.023.26.2): CVE-2026-46833 May 2026

Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. While the vulnerability is in Net Service, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Net Service. CVSS 3.1 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).

Vulnerability Analysis

CVE-2026-46833 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.

Attack Vector:

NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Products Associated with CVE-2026-46833

Want to know whenever a new CVE is published for Oracle Database Net Service? stack.watch will email you.

Oracle Database Net Service Unauth TLS Exploit CVE-2026-46833 (23.4.023.26.2)
CVE-2026-46833 Published on May 28, 2026

Vulnerability Analysis

Products Associated with CVE-2026-46833

Affected Versions

Oracle Database Net Service Unauth TLS Exploit CVE-2026-46833 (23.4.023.26.2)CVE-2026-46833 Published on May 28, 2026

Vulnerability Analysis

Products Associated with CVE-2026-46833

Affected Versions

Oracle Database Net Service Unauth TLS Exploit CVE-2026-46833 (23.4.023.26.2)
CVE-2026-46833 Published on May 28, 2026