7:["$","main",null,{"id":"main-content","tabIndex":-1,"className":"mx-auto w-full max-w-5xl px-6 py-6","data-testid":"news-detail-page","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"NewsArticle\",\"headline\":\"CVE-2026-46817: Oracle E-Business Suite Flaw Under Active Exploitation With No Public PoC\",\"description\":\"A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber.\",\"datePublished\":\"2026-06-30T05:04:06Z\",\"dateModified\":\"2026-06-30T05:42:11Z\",\"mainEntityOfPage\":\"https://thehackernews.com/2026/06/oracle-e-business-suite-flaw-cve-2026.html\",\"inLanguage\":\"en\",\"publisher\":{\"@type\":\"Organization\",\"name\":\"The Hacker News\"},\"author\":{\"@type\":\"Organization\",\"name\":\"The Hacker News\"},\"image\":[\"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYwCBjb2uPzIs-8BNIxo90ae4xRgxzM1av-ijebBJ32Y2DEvRUvM-jMd6S535UdnbPKrLtFHxm0k9Lo7GJgVjCWCrH-0RNFZukDv7shdA02IkDs1Iqx8C-uH2hOCyfpJ01tmNVGhrvQ-6FGlmdjnCP0nXrq7zl5KVL3XZ84I9QTImD5DM8HYoJbA0A1P3w/s1600/oracle.jpg\"]}"}}],["$","$11",null,{"fallback":null,"children":["$","$L1d",null,{"article":{"id":"019f170c-a265-7d55-a522-0e51c10d1d30","slug":"thehackernews-iqkvh6wx","source":"thehackernews","source_display":"The Hacker News","published_at":"2026-06-30T05:04:06Z","headline":"Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild","teaser":"A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber.","language_shown":"en","translation_status":"native","severity_implied":"critical","incident_type":"vulnerability_disclosure","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYwCBjb2uPzIs-8BNIxo90ae4xRgxzM1av-ijebBJ32Y2DEvRUvM-jMd6S535UdnbPKrLtFHxm0k9Lo7GJgVjCWCrH-0RNFZukDv7shdA02IkDs1Iqx8C-uH2hOCyfpJ01tmNVGhrvQ-6FGlmdjnCP0nXrq7zl5KVL3XZ84I9QTImD5DM8HYoJbA0A1P3w/s1600/oracle.jpg","tags":[{"type":"cve","value":"CVE-2026-46817","normalized":"cve-2026-46817","is_resolved":true,"confidence":1},{"type":"vendor","value":"Oracle","normalized":"oracle","is_resolved":true,"confidence":0.9},{"type":"incident_type","value":"vulnerability_disclosure","normalized":"vulnerability_disclosure","is_resolved":true,"confidence":1}],"cross_source_count":2,"is_critical_breaking":true,"has_original_view":false,"source_url":"https://thehackernews.com/2026/06/oracle-e-business-suite-flaw-cve-2026.html","fetched_at":"2026-06-30T05:42:11Z","body":"$1e","body_format":"html","resolved_lang":"en","translation_pending":false,"rewritten_title":"CVE-2026-46817: Oracle E-Business Suite Flaw Under Active Exploitation With No Public PoC","rewritten_body":"$1f","rewritten_by":"claude-sonnet-4-6","canonical_url":"https://thehackernews.com/2026/06/oracle-e-business-suite-flaw-cve-2026.html","structured_headline":"Oracle E-Business Suite CVE-2026-46817 Actively Exploited in Wild","structured_dek":"Critical privilege management flaw in Oracle Payments (CVE-2026-46817, CVSS 9.8) affecting versions 12.2.3–12.2.15 is under active exploitation despite no public PoC.","structured_attack_brief":"

Target: Oracle E-Business Suite / Oracle Payments
Vector: Improper privilege management and authentication; unauthenticated network access via HTTP
Attribution: unattributed

","structured_technical_details":"

CVE IDs

CVE-2026-46817

Affected

Oracle E-Business Suite versions 12.2.3 through 12.2.15

","structured_impact":"

Confirmed Damage: Complete takeover of Oracle Payments instances

","structured_mitigation":"

Patches

Oracle Critical Security Patch Update (May 2026)

","structured_context":"

Similar Attacks: CVE-2025-61882 (Oracle EBS, CVSS 9.8) exploited by Cl0p ransomware operation starting August 2025; CVE-2026-35273 (Oracle PeopleSoft Suite, CVSS 9.8) exploited by ShinyHunters in June 2026

","structured_source":{"url":"https://thehackernews.com/2026/06/oracle-e-business-suite-flaw-cve-2026.html","author":"The Hacker News","date":"2026-06-30T00:00:00Z"},"structured_by":"claude-haiku-4-5","structured_at":"2026-06-30T05:42:15Z"}}]}]]}]

Oracle E-Business Suite CVE-2026-46817 Actively Exploited in Wild

Attack Brief

Technical Details

Impact

Mitigation

Context

Source