Attackers are now exploiting a vulnerability tracked as CVE-2026-46817 in the Oracle E-Business Suite (EBS) financial application, according to the security firm Defused. The flaw was found in the File Transmission component of EBS's Oracle Payments product. It allows unauthenticated attackers with HTTP network access to take over vulnerable systems using simple attacks.
Oracle issued security updates to fix the vulnerability as part of its May 2026 Critical Security Patch Update and asked customers to update their systems right away.
“Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches,” the company warned at the time.
“In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply security patches without delay.”
While Oracle has not yet said that CVE-2026-46817 is being exploited in attacks, Defused reported on Monday that attackers are now exploiting it, with the first attempts seen over the weekend.
“CVE-2026-46817 (CVSS 9.8 unauth HTTP takeover in Oracle E-Business) is being exploited. Over the weekend, we observed an actor exploiting the vulnerability on our Oracle E-Business honeypots. This vulnerability has no known previous exploitation and no public POC code exists,” it warned.

The internet security group Shadowserver is now tracking more than 450 Oracle EBS systems that are exposed online, with almost 200 located in the United States and Europe.
There is no information on how many are protected from these attacks.

Earlier this month, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported a serious flaw in Oracle WebLogic Server (CVE-2024-21182) that was fixed two years ago but is still being exploited in attacks.
Weeks later, the company fixed a serious PeopleSoft Suite zero-day flaw (CVE-2026-35273). This flaw was being exploited in ShinyHunters data theft attacks and let attackers execute code remotely without needing to log in.
