Oracle E-Business Suite May 2026 Critical Security Patch Update (CVE-2026-46817)

Security Patch Release

First reported

29.06.2026 16:46

Last updated

29.06.2026 16:46

Happening score

H score 52

1 unique sources, 1 articles

Summary

Hide ▲

Oracle's May 2026 Critical Security Patch Update addressed CVE-2026-46817 in Oracle E-Business Suite, and customers were urged to patch immediately as exposed systems faced takeover risk. The update covered a flaw in the File Transmission component of Oracle Payments that could enable unauthenticated compromise over HTTP network access.

Related Happenings

Oracle security patch release for CVE-2026-21992

Security Patch Release

H score44 First: 21.03.2026 12:24 Last: 21.03.2026 12:24 Sources 1

About this happening: **Oracle** released **security updates** for **CVE-2026-21992**, a critical flaw in **Identity Manager** and **Web Services Manager** that could enable **unauthenticated remote co...

Open Happening

Barts Health NHS Trust invoice leak on Cl0p leak portal

Data Leak

H score38 First: 05.12.2025 20:55 Last: 05.12.2025 20:55 Sources 1

About this happening: The **Barts Health NHS Trust** data leak became public when **Cl0p** posted stolen **invoice files** on its **dark-web leak portal**, exposing **full names and addresses** linked...

Latest development: 08.12.2025 11:30

Barts Health NHS Trust is seeking a High Court order to stop the sharing, publication or use of invoice files stolen from its Oracle E-business Suite (EBS) database; the trust says Cl0p posted the files on the dark web, and it is working with NHS England, the National Cyber Security Centre, the Metropolitan Police and regulators including the Information Commissioner’s Office while its clinical systems remain unaffected.

Open Happening

University of Phoenix hit by network compromise

Incident

H score78 First: 03.12.2025 15:23 Last: 03.12.2025 15:23 Sources 1

About this happening: **University of Phoenix** disclosed a **data breach** after attackers accessed its **Oracle E-Business Suite (EBS)** financial application during **August 13-22, 2025**. The schoo...

Latest development: 23.12.2025 18:00

Notification letters submitted to the Maine Attorney General’s Office and affected individuals on Monday confirmed that 3,489,274 individuals were affected, including 9131 Maine residents. The compromised data included names, contact information, dates of birth, Social Security numbers, and bank account and routing numbers, and University of Phoenix is offering 12 months of credit monitoring, identity theft recovery assistance, dark web monitoring, and a $1m fraud reimbursement policy.

Open Happening

Clop ransomware gang campaign expands across multiple victims

Campaign

H score62 First: 02.12.2025 14:55 Last: 02.12.2025 14:55 Sources 1

About this happening: A **Clop** extortion campaign is actively stealing data from **Oracle E-Business Suite** customers using **CVE-2025-61882**, putting multiple organizations at risk of theft and le...

Open Happening

Cox Enterprises hit by network compromise linked to Cl0p

Incident

H score42 First: 22.11.2025 17:16 Last: 22.11.2025 17:16 Sources 1

About this happening: **Cox Enterprises** disclosed a **data breach** that exposed personal data after attackers used a **zero-day flaw in Oracle E-Business Suite** to breach its network. The compromis...

Open Happening

Timeline

29.06.2026 16:46 2 articles · 2h ago

Oracle E-Business Suite May 2026 Critical Security Patch Update (CVE-2026-46817)

Initial Disclosure
Oracle issued the **May 2026 Critical Security Patch Update** for **CVE-2026-46817** in **Oracle E-Business Suite**, directing customers to patch immediately after the flaw was identified as a takeover risk.
Show sources

Hackers now exploit critical Oracle E-Business flaw in attacks — www.bleepingcomputer.com — 29.06.2026 16:46

Hackers now exploit critical Oracle E-Business flaw in attacks — www.bleepingcomputer.com — 29.06.2026 16:46
Open in new tab