What is GHSA-pv4m-gf99-c5jr?

GHSA-pv4m-gf99-c5jr is a security advisory published by GitHub Security Advisories with Critical severity. Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File...

Which CVE IDs does GHSA-pv4m-gf99-c5jr cover?

GHSA-pv4m-gf99-c5jr covers the following CVE IDs: CVE-2026-46817. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-pv4m-gf99-c5jr?

GHSA-pv4m-gf99-c5jr has a CVSS v3 base score of 9.8, published by GitHub Security Advisories.

GHSA-pv4m-gf99-c5jrCriticalCVSS 9.8

Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File...

Vendor

GitHub Security Advisories

Published

May 28, 2026

Last Modified

May 28, 2026

🔗 CVE IDs covered (1)

CVE-2026-46817 →

📋 Description

Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnerability can result in takeover of Oracle Payments. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-46817
https://www.oracle.com/security-alerts/cspumay2026.html
https://github.com/advisories/GHSA-pv4m-gf99-c5jr