SecBoard
Back to CVE overview

CVE-2026-46817

CRITICAL(9.8)KEV — Actively Exploited

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Risk Signal Score55/100 — HOCH
  • CVSS 9.8 — Kritisch
  • Im CISA KEV-Katalog (aktiv ausgenutzt)

Mentions (last 60 days)

Articles

CISA KEV

Confirmed exploited

EPSS-Score

1%

Exploit Probability (30 days)

CVSS Score

9.8

Technical Severity

Description

Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnerability can result in takeover of Oracle Payments. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

References