Zero Day MonitorZDM

← Back to list

8.1

CVE-2026-46851EXPLOITEDPATCHED

oracle · peoplesoft enterprise cs campus community

CVE-2026-46851: Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Security). The

Description

A vulnerability identified as critical has been detected in Oracle PeopleSoft Enterprise CS Campus Community 9.2.38. Affected by this issue is some unknown functionality of the component Security. Performing a manipulation results in Remote Code Execution. This vulnerability is known as CVE-2026-46851. Remote exploitation of the attack is possible. You should upgrade the affected component.

Affected Products

Vendor	Product	Versions
oracle	peoplesoft enterprise cs campus community	9.2.38

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
oracle	peoplesoft	cert_advisory	90%

References

https://www.oracle.com/security-alerts/cspujun2026.html(vendor-advisory)

Related News (3 articles)

Tier B

BSI Advisories5h ago

[NEU] [hoch] Oracle PeopleSoft: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB10h ago

CVE-2026-46851 | Oracle PeopleSoft Enterprise CS Campus Community 9.2.38 Security Remote Code Execution

→ No new info (linked only)

Tier B

CERT-FR14h ago

Multiples vulnérabilités dans Oracle PeopleSoft (17 juin 2026)

→ No new info (linked only)

CVSS 3.18.1 CRITICAL

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

https://www.oracle.com/security-alerts/cspujun2026.html

PublishedJun 16, 2026

Last enriched9h agov2

Trending Score64

Source articles3

Independent3

Info Completeness8/14

Missing: epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-35273EXPKEV

CVE-2026-35273: Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mana

CRITICALCVE-2026-35275EXP

CVE-2026-35275: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Shared Folders). The supported

CRITICALCVE-2026-46914EXP

CVE-2026-46914: Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is a

CRITICALCVE-2026-46849EXP

CVE-2026-46849: Vulnerability in the PeopleSoft Enterprise CS Student Financials product of Oracle PeopleSoft (component: Other). The

CRITICALCVE-2026-35289EXP

CVE-2026-35289: Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Deployment Package).

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 16, 2026

Actively Exploited

Jun 16, 2026

Patch Available

Jun 16, 2026

Discovered by ZDM

Jun 16, 2026

Updated: description, severity, activelyExploited

Jun 17, 2026

Version History

v2

Last enriched 9h ago

v2Tier C9h ago

Updated severity to CRITICAL, changed exploit availability to false, and provided a more detailed description including Remote Code Execution.

descriptionseverityactivelyExploited

via VulDB

v116h ago

Initial creation