A cybercriminal began exploiting CVE-2026-46817, a critical flaw in Oracle E-Business Suite’s payments processing feature, with researchers observing six attacks in a two-hour window. The activity may be an early sign of broader targeting against Oracle customers, following earlier campaigns tied to Clop ransomware and ShinyHunters. #CVE-2026-46817 #OracleE-BusinessSuite #Clop #ShinyHunters
Keypoints
- Defused detected six exploit attempts against Oracle E-Business Suite in just two hours.
- The attacks used a single IP address before any public proof-of-concept was available.
- Oracle patched CVE-2026-46817 in late May and rated it 9.8 severity.
- Shadowserver found about 950 potentially vulnerable Oracle E-Business Suite instances.
- Oracle has recently faced related attack activity from Clop ransomware and ShinyHunters.
Read More: https://cyberscoop.com/oracle-ebs-critical-vulnerability-exploited/