CVE 9.8 CRITICAL

CVE-2026-35273_CVE-2026-35273

June 10, 2026 invoker category_cve
9.8 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

AI Analysis

Easily exploitable vulnerability in PeopleSoft Enterprise PeopleTools allowing unauthenticated attackers to compromise the system via HTTP.

Basic Information

ID CVE-2026-35273
Source oracle
Published Jun 11, 2026 at 02:25
Modified Jun 11, 2026 at 03:08

Affected Product

Vendor Oracle Corporation
Product PeopleSoft Enterprise PeopleTools
Version 8.61, 8.62
Affected Versions Oracle Corporation PeopleSoft Enterprise PeopleTools 8.61
Oracle Corporation PeopleSoft Enterprise PeopleTools 8.62

AI Assessment

AI Score 9.8 / 10
AI Severity Critical
Vendor Oracle Corporation
Product PeopleSoft Enterprise PeopleTools
Version 8.61, 8.62

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.