CVE-2025-61882

Vulnerability updated a month ago (2025-10-06T04:27:06.953Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2025-61882 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Exploit

Oracle

Vulnerability

Zero Day

Crowdstrike

Remote Code ...

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Clop Malware is associated with CVE-2025-61882. Clop, a malicious software (malware), is linked to a Russian-speaking cybercriminal group also known as Cl0p. It is designed to exploit and damage computer systems by stealing personal information, disrupting operations, or holding data hostage for ransom. In May 2023, the Clop group began exploitin	Unspecified	4

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The Graceful Spider Threat Actor is associated with CVE-2025-61882. Graceful Spider, also known as TA505, is a threat actor recognized for its malicious cyber activities. This entity has been identified by the cybersecurity industry as the driving force behind various targeted campaigns with harmful intent. The group could be a single individual, a private organizat	Unspecified	2

Source Document References

Information about the CVE-2025-61882 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Recorded Future	4 days ago	October 2025 CVE Landscape
Checkpoint	13 days ago	3rd November – Threat Intelligence Report - Check Point Research
Securityaffairs	a month ago	U.S. CISA adds Oracle, Windows, Kentico, Apple flaws to its Known Exploited Vulnerabilities catalog
Checkpoint	a month ago	20th October – Threat Intelligence Report - Check Point Research
Securityaffairs	a month ago	Harvard University hit in Oracle EBS cyberattack, 1.3 TB of data leaked by Cl0p group
Securityaffairs	a month ago	Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884
Checkpoint	a month ago	13th October – Threat Intelligence Report - Check Point Research
Securityaffairs	a month ago	Google, Mandiant expose malware and zero-day behind Oracle EBS extortion
InfoSecurity-magazine	a month ago	Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Explo
Krebs on Security	a month ago	ShinyHunters Wage Broad Corporate Extortion Spree
Canadian Centre for Cyber Security	a month ago	AL25-013 – Vulnerability impacting Oracle E-Business Suite - CVE-2025-61882 - Canadian Centre for Cyber Security
InfoSecurity-magazine	a month ago	NCSC: Patch Critical Oracle EBS Bug Now
Securityaffairs	a month ago	CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025
Securityaffairs	a month ago	U.S. CISA adds Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft IE flaws to its Known Exploited Vulnerabilities catalog
CISA	a month ago	CISA Adds Seven Known Exploited Vulnerabilities to Catalog \| CISA
CrowdStrike	a month ago	CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability Tracked as CVE-2025-61882
Securityaffairs	a month ago	Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers
Canadian Centre for Cyber Security	a month ago	Oracle security advisory (AV25-640) - Canadian Centre for Cyber Security
SANS ISC	a month ago	Quick and Dirty Analysis of Possible Oracle E-Business Suite Exploit Script (CVE-2025-61882)