- A critical flaw in Oracle Payments (CVE-2026-46817) is being actively exploited to take over unpatched Oracle E-Business Suite instances.
- The vulnerability affects versions 12.2.3 through 12.2.15, and patches were released by Oracle last month.
- This follows recent attacks on other Oracle products, including a flaw linked to the Cl0p ransomware operation and a zero-day in PeopleSoft Suite.
A critical security flaw in Oracle E-Business Suite is now under active exploitation, according to a report from Defused Cyber. This development poses a significant threat to enterprise systems relying on this widely-used software suite.
The vulnerability, tracked as CVE-2026-46817, allows unauthenticated attackers to compromise Oracle Payments. Consequently, successful attacks can result in the complete takeover of the affected component.
Oracle addressed this issue in its Critical Security Patch Update last month. However, the company’s advisory had not previously noted any in-the-wild exploitation of this specific flaw.
Defused Cyber confirmed the active exploits over the weekend via its honeypots. Meanwhile, the cybersecurity firm stated that no public proof-of-concept code for this vulnerability exists.
This incident is not isolated in Oracle’s recent security history. Late last year, another critical flaw in the same product (CVE-2025-61882) was weaponized by threat actors linked to the Cl0p ransomware operation.
Earlier this month, Oracle patched a separate zero-day vulnerability in its PeopleSoft Suite (CVE-2026-35273). That flaw was also exploited in active attacks by the ShinyHunters data theft group.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
