two separate oracle zero-day vulnerabilities are being actively exploited in the wild simultaneously: an ssrf vulnerability in oracle peoplesoft (cvss unspecified, used to breach nissan americas employee data) and a cvss 9.8 vulnerability in oracle e-business suite payments allowing remote unauthenticated takeover. the clustering of critical oracle product exploits within a short window — alongside an unrelated microsoft defender vulnerability being weaponized by ransomware gangs — represents an unusual density of high-severity enterprise system exposure in a single cycle.