cve-2026-46817, a cvss 9.8 unauthenticated remote code execution vulnerability in oracle e-business suite's payments file transmission component, is under active exploitation in the wild before appearing on cisa's known-exploited vulnerability list. honeypot data confirmed attack activity over the weekend. oracle ebs is core financial infrastructure for large enterprises globally, making unpatched rce in payment processing components a systemic risk.