Hackers now exploit critical Oracle E-Business flaw in attacks

Hackers now exploit critical Oracle E-Business flaw in attacks

Attackers have begun exploiting a critical vulnerability (CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial application, according to threat intelligence company Defused. [...]

Oracle E-Business Suite Payments flaw under attack (CVE-2026-46817)

Exploitation attempts targeting a critical vulnerability (CVE-2026-46817) in Oracle Payments, the payment-processing module within Oracle’s E-Business Suite (EBS), have been spotted over the weekend, threat intelligence company Defused warned on Monday. The detected exploitation attempts (Source: Defused) “On 27 June 2026 our Oracle E-Business Suite decoys recorded the first in-the-wild exploitation of CVE-2026-46817 — roughly six weeks after Or…

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins

The critical-severity defect allows unauthenticated attackers to take over the E-Business Suite’s Payments product. The post Exploitation of Recent Oracle E-Business Suite Vulnerability Begins appeared first on SecurityWeek.

Attackers actively exploit the Oracle E-Business Suite flaw CVE-2026-46817

Attackers actively exploit the Oracle E-Business Suite flaw CVE-2026-46817

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication flaw in Oracle Payments that could be abused to take over susceptible instances. "Easily exploitable vulnerability allows