Researchers spot exploitation of another critical Oracle defect

Researchers spot exploitation of another critical Oracle defect
A cybercriminal began exploiting CVE-2026-46817, a critical flaw in Oracle E-Business Suite’s payments processing feature, with researchers observing six attacks in a two-hour window. The activity may be an early sign of broader targeting against Oracle customers, following earlier campaigns tied to Clop ransomware and ShinyHunters. #CVE-2026-46817 #OracleE-BusinessSuite #Clop #ShinyHunters

Keypoints

  • Defused detected six exploit attempts against Oracle E-Business Suite in just two hours.
  • The attacks used a single IP address before any public proof-of-concept was available.
  • Oracle patched CVE-2026-46817 in late May and rated it 9.8 severity.
  • Shadowserver found about 950 potentially vulnerable Oracle E-Business Suite instances.
  • Oracle has recently faced related attack activity from Clop ransomware and ShinyHunters.

Read More: https://cyberscoop.com/oracle-ebs-critical-vulnerability-exploited/