Primary

Context

Oracle E-Business Suite Flow Manufacturing Security Vulnerability Allowing Takeover

Vulnerability

A vulnerability has been identified in the Oracle Flow Manufacturing component of Oracle E-Business Suite, specifically in versions 12.2.9 through 12.2.15. This vulnerability, which is easily exploitable, allows a low-privileged attacker with network access to use SQL to compromise the application. Successful exploitation can lead to a complete takeover of Oracle Flow Manufacturing.

Impact

Exploitation of this vulnerability can result in a full takeover of the Oracle Flow Manufacturing application.

Remediation

Users are advised to apply the May 2026 Critical Security Patch Update, which includes a patch for this vulnerability. For instructions on applying this patch, refer to the Oracle E-Business Suite Release 12 Critical Security Patch Update Knowledge Document (May 2026), available as My Oracle Support Note KA923.

Added: May 28, 2026, 9:39 PM

Updated: May 28, 2026, 9:39 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

9.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

9.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle E-Business Suite Flow Manufacturing Security Vulnerability Allowing Takeover

Vulnerability

Impact

Remediation

Affected Products

Oracle Flow Manufacturing

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating