BleepingComputer ·EN-US News source
Hackers now exploit critical Oracle E-Business flaw in attacks
CVE Tools coverage
Threat actors are actively exploiting a critical issue in Oracle E-Business Suite (EBS) that tracks as CVE-2026-46817. The weakness affects the File Transmission component within Oracle Payments and allows unauthenticated attackers with HTTP network access to take over vulnerable systems. Oracle has released fixes in its May 2026 Critical Security Patch Update, and the public exploitation increase makes prompt patching especially important for exposed EBS instances.