Description

Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnerability can result in takeover of Oracle Payments. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

INFO

Published Date :

May 28, 2026, 9:16 p.m.

Last Modified :

June 17, 2026, 10:53 a.m.

Remotely Exploit :

Yes !
Affected Products

The following products are affected by CVE-2026-46817 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Oracle e-business_suite
2 Oracle payments
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 134c704f-9b21-4f2e-91b3-4a467353bcc0
CVSS 3.1 CRITICAL [email protected]
Public PoC/Exploit Available at Github

CVE-2026-46817 has a 5 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-46817.

URL Resource
https://www.oracle.com/security-alerts/cspumay2026.html Vendor Advisory
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-46817 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Loginsoft Vulnerability Intelligence (LOVI)

Updated: 5 days, 1 hour ago
0 stars 0 fork 0 watcher
Born at : July 7, 2026, 7 a.m. This repo has been linked 5 different CVEs too.

CVE-2026-46817 - Draft

Updated: 1 week, 5 days ago
0 stars 0 fork 0 watcher
Born at : June 30, 2026, 8 a.m. This repo has been linked 2 different CVEs too.

An AI-powered automation workflow built with n8n that fetches the latest cybersecurity and technology news from an RSS feed, summarizes it using Google Gemini, stores the results in Google Sheets, and automatically delivers a daily digest to Telegram.

Updated: 1 week, 4 days ago
0 stars 0 fork 0 watcher
Born at : June 30, 2026, 6:02 a.m. This repo has been linked 1 different CVEs too.

CVE-2026-46817

Python

Updated: 1 week, 4 days ago
0 stars 0 fork 0 watcher
Born at : June 29, 2026, 11:42 p.m. This repo has been linked 1 different CVEs too.

None

Updated: 1 week, 5 days ago
0 stars 0 fork 0 watcher
Born at : Jan. 14, 2023, 11:38 a.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-46817 vulnerability anywhere in the article.

  • The Hacker News
URGENT - Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

Progress Software has told ShareFile customers to shut down the Windows servers running their Storage Zone Controllers, confirming to The Hacker News that it is responding to a "credible external secu ... Read more

Published Date: Jul 10, 2026 (1 day, 16 hours ago)
  • The Hacker News
Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot

Researchers at firmware security firm Binarly have found six new flaws in U-Boot, the small program that starts up hardware as varied as home routers, smart cameras, and the management chips inside da ... Read more

Published Date: Jul 10, 2026 (1 day, 17 hours ago)
  • The Hacker News
Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers

A single wrong variable on one line in XQUIC, Alibaba's QUIC and HTTP/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There is no patch. FoxIO resear ... Read more

Published Date: Jul 10, 2026 (1 day, 21 hours ago)
  • The Hacker News
Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites

A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation's inner workings: the hacking tools, the activity logs, and target lists naming mo ... Read more

Published Date: Jul 10, 2026 (1 day, 21 hours ago)
  • The Hacker News
Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking

Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic ... Read more

Published Date: Jul 10, 2026 (1 day, 22 hours ago)
  • The Hacker News
Attackers Exploit 'Ill Bloom' Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets

Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that ... Read more

Published Date: Jul 10, 2026 (2 days ago)
  • The Hacker News
ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust + 17 More Stories

Most security mess starts as admin work. A link gets clicked. A tool gets trusted. A bucket name gets reused. A setting stays loose because nobody wants to touch it.This week is full of that kind of d ... Read more

Published Date: Jul 09, 2026 (2 days, 17 hours ago)
  • The Hacker News
Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges

Microsoft has released security updates for a Defender vulnerability known as RoguePlanet, nearly a month after details of the flaw became public. The vulnerability, tracked as CVE-2026-50656 (CVSS sc ... Read more

Published Date: Jul 09, 2026 (3 days ago)
  • The Hacker News
Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker's code on your own machine instead. That is the finding in a proof-of-concept published Wednesday by t ... Read more

Published Date: Jul 09, 2026 (3 days, 3 hours ago)
  • The Hacker News
GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

Researchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer's computer. The assistant asks permission to edit one har ... Read more

Published Date: Jul 09, 2026 (3 days, 4 hours ago)
  • The Hacker News
Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS

Ravie LakshmananJul 08, 2026Vulnerability / Network Security Ubiquiti has shipped updates to address multiple critical security flaws impacting UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect ... Read more

Published Date: Jul 08, 2026 (3 days, 18 hours ago)
  • The Hacker News
China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

A Chinese threat actor tracked as UAT-7810 is actively refining its bespoke malware to expand its Operational Relay Box (ORB) network by breaking into internet-facing networking devices. According to ... Read more

Published Date: Jul 08, 2026 (4 days ago)
  • The Hacker News
15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been patched. Th ... Read more

Published Date: Jul 08, 2026 (4 days, 2 hours ago)
  • The Hacker News
CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The ... Read more

Published Date: Jul 08, 2026 (4 days, 3 hours ago)
  • The Hacker News
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities

A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of ... Read more

Published Date: Jul 07, 2026 (4 days, 23 hours ago)
  • The Hacker News
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware

Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' w ... Read more

Published Date: Jul 07, 2026 (5 days, 2 hours ago)
  • The Hacker News
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthent ... Read more

Published Date: Jul 07, 2026 (5 days, 3 hours ago)
  • The Hacker News
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka C ... Read more

Published Date: Jul 06, 2026 (5 days, 14 hours ago)
  • The Hacker News
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-202 ... Read more

Published Date: Jul 06, 2026 (5 days, 15 hours ago)
  • The Hacker News
Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS scor ... Read more

Published Date: Jul 06, 2026 (5 days, 16 hours ago)

The following table lists the changes that have been made to the CVE-2026-46817 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Jun. 17, 2026

    Action Type Old Value New Value
    Added Affected [{'vendor': 'Oracle Corporation', 'product': 'Oracle Payments', 'versions': [{'status': 'affected', 'version': '12.2.3', 'versionType': 'custom', 'lessThanOrEqual': '12.2.15'}]}]
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jun. 17, 2026

    Action Type Old Value New Value
    Added SSVC {'id': 'CVE-2026-46817', 'role': 'CISA Coordinator', 'options': [{'exploitation': 'none'}, {'automatable': 'yes'}, {'technicalImpact': 'total'}], 'version': '2.0.3', 'timestamp': '2026-05-29T15:41:43.972022Z'}
  • Initial Analysis by [email protected]

    Jun. 04, 2026

    Action Type Old Value New Value
    Added CPE Configuration OR *cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*:* versions from (including) 12.2.3 up to (including) 12.2.15
    Added Reference Type Oracle: https://www.oracle.com/security-alerts/cspumay2026.html Types: Vendor Advisory
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    May. 29, 2026

    Action Type Old Value New Value
    Added CWE CWE-287
    Added CWE CWE-306
    Added CWE CWE-269
  • New CVE Received by [email protected]

    May. 28, 2026

    Action Type Old Value New Value
    Added Description Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnerability can result in takeover of Oracle Payments. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Added Reference https://www.oracle.com/security-alerts/cspumay2026.html
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.