Over 900 Oracle E-Business instances exposed to ongoing attacks
ID: 6968af47-a3b3-592f-b952-7450355dab91
STIX ID: report--6968af47-a3b3-592f-b952-7450355dab91
Feed Name: Bleeping Computer
Threat Score
**Executive summary:** A critical unauthenticated remote-takeover vulnerability (CVE-2026-46817, CVSS 9.8) in Oracle E-Business Suite's File Transmission / Oracle Payments is being actively exploited; Oracle released May 2026 patches and security firms (Defused, Shadowserver) observed exploitation attempts and roughly 950 exposed EBS instances online, prompting urgent patching recommendations.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
