Attackers have exploited a critical vulnerability in Oracle E-Business Suite's Payments module, specifically targeting the Oracle Payments File Transmission component in releases 12.2.3 through 12.2.15, just six weeks after Oracle issued a patch. The flaw, identified as CVE-2026-46817, has a CVSS score of 9.8 and allows unauthenticated attackers to read arbitrary files. Researchers first observed the exploitation on June 27, before any public proof-of-concept exploit was available1. This vulnerability was fixed in Oracle's May Critical Patch Update, but its exploitation underscores the speed at which attackers can move. The fact that attackers were able to exploit this flaw so quickly, even without public exploit code, highlights the importance of prompt patching and monitoring. This matters to practitioners because the disclosure of CVE-2026-46817 expands the active attack surface, making it crucial to prioritize mitigation based on exposure and exploitation evidence.