CVE Tools
Back to feed
SecurityWeek ·EN-US News source

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins

By Ionut Arghire··1 min read
CVE Tools coverage

Threat actors have begun targeting a critical Oracle E-Business Suite (EBS) vulnerability tracked as CVE-2026-46817 (CVSS 9.8), with activity observed against the File Transmissions component in the Payments product. Oracle says unauthenticated attackers can exploit the issue over HTTP to take over Oracle Payments, making it a high-impact risk for organizations running EBS. The flaw was addressed in Oracle’s first monthly Critical Security Patch Update (CSPU) in late May, so defenders should prioritize patching to reduce exposure.