Critical Oracle E-Business Flaw Exploited in Real-World Attacks, Experts Warn
Cyberattackers have begun exploiting a critical vulnerability in the Oracle E-Business Suite (EBS), which enables malicious actors to take control of vulnerable systems with relative ease. The flaw, tracked as CVE-2026-46817, affects the File Transmission component of Oracle’s Payments product and has been discovered to be actively exploited by attackers.
The security issue was first identified in May 2026 as part of Oracle’s Critical Security Patch Update, which urged customers to apply patches immediately. However, despite Oracle’s warnings, it appears that many organizations have yet to secure their systems against this vulnerability. Threat intelligence firm Defused reported on Monday that attackers are now actively exploiting the flaw, with the first attempts spotted over the weekend.
Oracle E-Business is a widely used financial application that enables businesses to manage their finances, including payments and invoicing. The fact that attackers are now exploiting a critical vulnerability in this system highlights the ongoing risks faced by organizations that rely on these applications. According to Defused, there are currently over 450 Oracle EBS instances exposed online, with nearly 200 located in the United States and Europe.
The exploitation of Oracle vulnerabilities is not a new phenomenon, with several high-profile attacks having been reported in recent months. In August 2025, the Clop extortion gang exploited an Oracle EBS security flaw to target multiple US universities, while earlier this month, the US Cybersecurity and Infrastructure Security Agency (CISA) flagged a high-severity Oracle WebLogic Server flaw as actively exploited in attacks.
The ease with which attackers can exploit these vulnerabilities is concerning, particularly given the severity of the impact. The CVE-2026-46817 flaw has a CVSS score of 9.8, indicating that it enables unauthenticated malicious actors to take control of vulnerable systems through low-complexity attacks. This highlights the importance of applying security patches in a timely manner and staying up-to-date with the latest security updates.
For organizations relying on Oracle EBS or other Oracle products, the takeaway is clear: test every layer of your environment regularly and stay ahead of potential threats. With 54% of successful attacks going undetected by security teams, it’s essential to conduct regular breach and attack simulation tests to ensure that your SIEM and EDR rules are effective in detecting and preventing cyber threats.
Source: Bleeping Computer — 2026-06-29