Port 443 · Episode 28 · · 18:22

CVE-2026-46817: CISA adds Oracle E-Business Suite unauthenticated takeover flaw to KEV catalog

Port 443 dives into CVE-2026-46817: CISA adds Oracle E-Business Suite unauthenticated takeover flaw to KEV catalog — BOD 26-04 orders federal patch by July 18. CVSS 9.8 improper privilege management in Oracle Payments, over 1,000 internet-exposed instances tracked by Shadowserver, active exploitation confirmed by Defused threat intelligence.

Port 443 show artwork

Show notes

  • Overview: Port 443 dives into CVE-2026-46817: CISA adds Oracle E-Business Suite unauthenticated takeover flaw to KEV catalog — BOD 26-04 orders federal patch by July 18. CVSS 9.8 improper privilege management in Oracle Payments, over 1,000 internet-exposed instances tracked by Shadowserver, active exploitation confirmed by Defused threat intelligence.
  • Tags: cybersecurity, threat intelligence

Links and references

Episode Outline

Timestamped topic guide generated from the episode audio for quick scanning.

Loading transcript... [00:00] Port 443 dives into CVE-2026-46817: CISA adds Oracle E-Business Suite unauthenticated takeover flaw to KEV catalog — BOD 26-04 orders federal patch by July 18. CVSS 9.8 improper privilege management in Oracle Payments, over 1,000 internet-exposed instances tracked by Shadowserver, active exploitation confirmed by Defused threat intelligence.