CVE-2025-61882

unknown KEV

Published 2025-10-06 · Modified 2025-10-06

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

Oracle E-Business Suite contains an unspecified vulnerability in the BI Publisher Integration component. The vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Concurrent Processing. Successful attacks can result in takeover of Oracle Concurrent Processing.

CISA KEV

Vendor: Oracle
Product: E-Business Suite
Due date: 2025-10-27

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://www.oracle.com/security-alerts/alert-cve-2025-61882.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-61882

Exploits

References

https://www.oracle.com/security-alerts/alert-cve-2025-61882.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-61882

Verify integrity in audit chain (admin only). AS-IS.