Active exploitation begins for critical Oracle E-Business Suite vulnerability CVE-2026-46817
4d ago · 1 min read · en · News
Summary
A critical unauthenticated remote code execution vulnerability (CVE-2026-46817, CVSS 9.9) in Oracle E-Business Suite's Payments component is now being actively exploited in the wild. The flaw, fixed in Oracle's late May Critical Security Patch Update, allows attackers to take over Oracle Payments over HTTP without authentication. Security firm Defused detected initial exploitation attempts hitting EBS honeypots over the weekend, with no prior public proof-of-concept available. Organizations are urged to apply patches promptly.
Key quotes
CVE-2026-46817 has a CVSS score of 9.8 and affects the File Transmissions component within the Payments product of Oracle E-Business Suite.
Unauthenticated attackers can exploit the flaw over HTTP to compromise Payments, and successful exploitation can result in takeover of Oracle Payments.
Defused observed initial exploitation attempts hitting EBS honeypots over the weekend, with no prior in-the-wild reports and no public proof-of-concept available.
Organizations are advised to apply Oracle patches promptly because EBS and other Oracle products are frequently targeted in attack campaigns.