logo

Over 900 Oracle E-Business instances exposed to ongoing attacks

ID: 6968af47-a3b3-592f-b952-7450355dab91

STIX ID: report--6968af47-a3b3-592f-b952-7450355dab91

Feed Name: Bleeping Computer

Threat Score
80/100

Date Published: 2026-07-01

Date Updated: 2026-07-02

Author: Sergiu Gatlan

...
...

**Executive summary:** A critical unauthenticated remote-takeover vulnerability (CVE-2026-46817, CVSS 9.8) in Oracle E-Business Suite's File Transmission / Oracle Payments is being actively exploited; Oracle released May 2026 patches and security firms (Defused, Shadowserver) observed exploitation attempts and roughly 950 exposed EBS instances online, prompting urgent patching recommendations.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.