Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed
ID: 6cc2555e-5d05-5f62-840c-b5914ed63b53
STIX ID: report--6cc2555e-5d05-5f62-840c-b5914ed63b53
Feed Name: Security Affairs
Oracle E-Business Suite vulnerability CVE-2026-46817 (affecting Oracle Payments 12.2.3–12.2.15) is reported to be under active attack; researchers warn that the flaw allows unauthenticated remote takeover over HTTP. Shadowserver has identified about 950 internet-facing EBS instances still exposed (mostly in the U.S.), Oracle issued a patch in its recent Critical Patch Update and urges immediate remediation, while technical details and public exploit proof-of-concept remain undisclosed.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
