Main Vulnerability Database Exploits ID:12324 - Exploit for Input validation error in Oracle E-Business Suite and Oracle Concurrent Processing - CVE-2025-61882

ID:12324 - Exploit for Input validation error in Oracle E-Business Suite and Oracle Concurrent Processing - CVE-2025-61882

Published: January 22, 2026

Vulnerability identifier: #VU116601

Vulnerability risk: Critical

CVE-ID: CVE-2025-61882

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Oracle E-Business Suite
Oracle Concurrent Processing

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/multi/http/oracle_ebs_cve_2025_61882_exploit_rce

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input within the BI Publisher Integration component. A remote attacker can pass specially crafted input to the application and execute arbitrary code on the system.

Note, the vulnerability is being actively exploited in the wild.

Remediation

Install updates from vendor's website.

ID:12324 - Exploit for Input validation error in Oracle E-Business Suite and Oracle Concurrent Processing - CVE-2025-61882

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human