logo

Oracle E-Business Suite was under attack via critical flaw before the public exploit code was even released

ID: 5c5ec191-a181-583f-a677-23ef4849d6cc

STIX ID: report--5c5ec191-a181-583f-a677-23ef4849d6cc

Feed Name: The Register (Security)

Threat Score
78/100

Date Published: 2026-07-02

Date Updated: 2026-07-02

...
...

Researchers observed limited but targeted exploitation of CVE-2026-46817 in Oracle E-Business Suite Payments shortly after Oracle's patch and before public exploit code was available; the critical (CVSS 9.8) flaw allows unauthenticated arbitrary file reads and the activity suggests an attacker who reverse-engineered the patch or had access to a private exploit.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.