The Critical Security Patch Update (CSPU) for May 2026 was released on 28 May 2026. Oracle strongly recommends applying the CSPU patches as soon as possible.
MOSFS Article for EBS CPUs
A link to the latest available Oracle E-Business Suite CSPU document is available in Identifying the Latest Monthly and Quarterly Critical Patch Update for Oracle E-Business Suite Release 12.2 (MOS Article ID KA923). We recommend you bookmark MOSFS Article ID KA923.
Oracle CSPU Announcements
The Critical Patch Update Advisory is the starting point for reviewing all Oracle Critical Patch Update Advisories, Critical Security Patch Update Advisories, Security Alerts and Bulletins. It includes a list of products affected, risk matrices of fixed vulnerabilities, and links to other important documents.
It is essential to review the supporting documentation referenced in the Critical Security Patch Updated Advisory before applying patches.
The next four Critical Security Patch Update release dates are:
- 16 June 2026
- 18 August 2026
- 15 September 2026
- 17 November 2026
The next four Critical Patch Update release dates are:
- 21 July 2026
- 20 October 2026
- 19 January 2027
- 20 April 2027
Additional References
- Identifying the Latest Monthly and Quarterly Critical Patch Update for Oracle E-Business Suite Release 12.2 (MOS Article KA923)
- Oracle E-Business Suite Release 12.2 Critical Security Patch Update Availability Document (May 2026) (MOS Article KA1662)
- Oracle E-Business Suite Security Guide, Release 12.2 – Secure Configuration
- FAQ: Oracle E-Business Suite Security (MOS Article KA1033)