Zero Day Monitor (ZDM)
CVSS 9.8
CVE-2026-46817 · KEV · EXPLOITED · PATCHED
oracle · oracle payments

CVE-2026-46817: Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versi

Description

A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication flaw in Oracle Payments that could be abused to take over susceptible instances.

Affected Products

| Vendor | Product | Versions |
|---|---|---|
| oracle | oracle payments | 12.2.3, 12.2.15 |

Also Affects

Downstream vendors/products affected by this vulnerability

| Vendor | Product | Source | Confidence |
|---|---|---|---|
| oracle | e-business | cert_advisory | 90% |

References

  • https://www.oracle.com/security-alerts/cspumay2026.html (vendor-advisory)

Related News (6 articles)

  • Heise Security (Tier D, 19m ago): Oracle E-Business Suite: Attacks on Payments observed
    → No new info (linked only)
  • The Hacker News (Tier D, 3h ago): Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild
    → No new info (linked only)
  • BleepingComputer (Tier D, 18h ago): Hackers now exploit critical Oracle E-Business flaw in attacks
    → No new info (linked only)
  • BSI Advisories (Tier B, 31d ago): [NEW] [high] Oracle E-Business Suite: Multiple vulnerabilities
    → No new info (linked only)
  • Heise Security (Tier D, 32d ago): Oracle CSPU: 35 security updates in May
    → No new info (linked only)
  • VulDB (Tier C, 32d ago): CVE-2026-46817 | Oracle Payments up to 12.2.15 File Transmission Remote Code Execution
    → No new info (linked only)

CVSS 3.1: 9.8 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA KEV: ✅ Yes
Actively exploited: ✅ Yes
Patch available: https://www.oracle.com/security-alerts/cspumay2026.html
Published: May 28, 2026
Last enriched: 4m ago (v5)
Tags: active exploitation
Trending Score: 133 🔥
Source articles: 6
Independent: 5
Info Completeness: 11/14
Missing: epss, cwe, mitre_attack

Related CVEs (5)

CRITICAL · CVE-2026-35273 · EXP · KEV
CVE-2026-35273: Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mana
Trending: 162

MEDIUM · CVE-2026-34318 · EXP
CVE-2026-34318: Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are a
Trending: 56

CRITICAL · CVE-2026-35292
CVE-2026-35292: Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that
Trending: 22

CRITICAL · CVE-2026-35301 · EXP
CVE-2026-35301: Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that
Trending: 22

CRITICAL · CVE-2026-35278
CVE-2026-35278: Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Performance Monitor).
Trending: 17

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

  • May 28, 2026: CVE Published
  • May 28, 2026: Added to CISA KEV
  • May 28, 2026: Discovered by ZDM
  • May 28, 2026: Updated: description, activelyExploited
  • May 29, 2026: Actively Exploited
  • May 29, 2026: Exploit Available
  • May 29, 2026: Patch Available
  • Jun 29, 2026: Updated: iocs
  • Jun 30, 2026: Updated: description, tags
  • Jun 30, 2026: Updated: affectedVersions, exploitAvailable, severity

Version History

v5 · Tier D · 4m ago

Updated affected versions to include 12.2.15, marked exploit as available, changed severity to HIGH, and noted no specific IOCs provided.

affectedVersions, exploitAvailable, severity
via Heise Security

v4 · Tier D · 2h ago

Updated description with new details on improper privilege management and added tags indicating active exploitation.

description, tags
via The Hacker News

v3 · Tier D · 18h ago

Marked exploitAvailable as true, updated patchAvailable to null, and added IoCs from the article.

iocs
via BleepingComputer

v2 · Tier C · 32d ago

Updated description with new details about Remote Code Execution and changed exploit availability to false.

description, activelyExploited
via VulDB

v1 · 32d ago

Initial creation