Critical Oracle E-Business Suite Bug Lets Attackers Hijack Enterprise Systems
A critical unauthenticated vulnerability in Oracle E-Business Suite is now being actively exploited in the wild, with honeypot telemetry confirming real-world attack attempts over the weekend of June 27–28, 2026. The Flaw CVE-2026-46817 is a maximum-severity flaw residing in the File Transmission component of Oracle Payments, a core module within Oracle E-Business Suite (EBS). Honeypot data from the Shadowserver Foundation spanning May 30 to June 28, 2026, shows attack traffic distributed globally, with North America (193), Asia (181), Europe (53), South America (18), Africa (9), and Oceania (2) all registering hits on the final observation date.









