A critical vulnerability in Oracle E-Business Suite, tracked as CVE-2026-46817, is being actively exploited, with around 950 vulnerable systems exposed on the internet. The flaw allows unauthenticated attackers to take over affected systems. Oracle has advised customers to apply the patches available in its recent Critical Patch Update. Despite the active exploitation, no details about the types of attacks or the attackers' motivations have been disclosed.
Internet monitoring by Shadowserver indicates that the majority of these vulnerable instances are in the United States; it is unclear how many have been fixed. Organizations using Oracle EBS are urged to prioritize applying the patches and to consider removing any non-essential systems from internet exposure.