https://defusedcyber.com/exploited In-the-wild exploitation reports from the Defused honeypot fleet. https://defusedcyber.com/exploited/cve-2026-46817-oracle-e-business-suite https://defusedcyber.com/exploited/cve-2026-46817-oracle-e-business-suite Sat, 27 Jun 2026 05:38:00 GMT Our Oracle E-Business Suite decoys captured the first in-the-wild exploitation of CVE-2026-46817: six unauthenticated file-read attempts from a single source on 27 June 2026, roughly six weeks after Oracle’s May 2026 patch and before any public proof-of-concept existed.