CVE-2025-61884
3 field notes · 0 digests
Field notes
Analysis · May 5, 2026 · The Field Notes Desk
Oracle blamed its customers for a zero-day it hadn't patched
Oracle's first public statement during active Cl0p exploitation told customers the breach was their fault for not applying a patch that didn't exist. The correction came Saturday night, behind a paywall.
Analysis · May 5, 2026 · The Field Notes Desk
Cl0p chained an Oracle EBS SSRF into a mass extortion campaign. Your patch window is 21 days.
CVE-2025-61884 is a pre-auth SSRF in Oracle E-Business Suite that Cl0p weaponized into a full RCE chain hitting 100+ organizations. Here's what patching EBS actually looks like under a KEV deadline.
Field Note · Apr 29, 2026 · The Commentary Desk
Best practices for patch prioritization in a hybrid environment: start with business impact
Severity scores tell you which CVE is nastiest. Business impact tells you which one matters.