CVE-2025-61882

Vulnerability updated 2 days ago (2025-10-06T04:27:06.953Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2025-61882 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Oracle

Vulnerability

Exploit

Crowdstrike

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Clop Malware is associated with CVE-2025-61882. Clop, a malicious software (malware), is linked to a Russian-speaking cybercriminal group also known as Cl0p. It is designed to exploit and damage computer systems by stealing personal information, disrupting operations, or holding data hostage for ransom. In May 2023, the Clop group began exploitin	Unspecified	2

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The Graceful Spider Threat Actor is associated with CVE-2025-61882. Graceful Spider, also known as TA505, is a threat actor recognized for its malicious cyber activities. This entity has been identified by the cybersecurity industry as the driving force behind various targeted campaigns with harmful intent. The group could be a single individual, a private organizat	Unspecified	2

Source Document References

Information about the CVE-2025-61882 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Krebs on Security	11 hours ago	ShinyHunters Wage Broad Corporate Extortion Spree
Canadian Centre for Cyber Security	20 hours ago	AL25-013 – Vulnerability impacting Oracle E-Business Suite - CVE-2025-61882 - Canadian Centre for Cyber Security
InfoSecurity-magazine	21 hours ago	NCSC: Patch Critical Oracle EBS Bug Now
Securityaffairs	21 hours ago	CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025
Securityaffairs	a day ago	U.S. CISA adds Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft IE flaws to its Known Exploited Vulnerabilities catalog
CISA	a day ago	CISA Adds Seven Known Exploited Vulnerabilities to Catalog \| CISA
CrowdStrike	a day ago	CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability Tracked as CVE-2025-61882
Securityaffairs	2 days ago	Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers
Canadian Centre for Cyber Security	2 days ago	Oracle security advisory (AV25-640) - Canadian Centre for Cyber Security
SANS ISC	2 days ago	Quick and Dirty Analysis of Possible Oracle E-Business Suite Exploit Script (CVE-2025-61882)