Zero Day MonitorZDM

← Back to list

9.8

CVE-2026-35278PATCHED

oracle · peoplesoft enterprise pt peopletools

CVE-2026-35278: Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Performance Monitor).

Description

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Performance Monitor). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PT PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Affected Products

Vendor	Product	Versions
oracle	peoplesoft enterprise pt peopletools	8.61, 8.62

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
oracle	peoplesoft	cert_advisory	90%

References

https://www.oracle.com/security-alerts/cspujun2026.html(vendor-advisory)

Related News (3 articles)

Tier C

Qualys Blog11d ago

Oracle Critical Patch Update, June 2026 Security Update Review

→ No new info (linked only)

Tier B

BSI Advisories13d ago

[NEU] [hoch] Oracle PeopleSoft: Mehrere Schwachstellen

→ No new info (linked only)

Tier B

CERT-FR13d ago

Multiples vulnérabilités dans Oracle PeopleSoft (17 juin 2026)

→ No new info (linked only)

CVSS 3.19.8 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

https://www.oracle.com/security-alerts/cspujun2026.html

PublishedJun 16, 2026

Trending Score16

Source articles3

Independent3

Info Completeness0/14

Missing: cve_id, title, description, vendor, product, versions, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-35273EXPKEV

CVE-2026-35273: Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mana

HIGHCVE-2026-46817EXPKEV

CVE-2026-46817: Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versi

MEDIUMCVE-2026-34318EXP

CVE-2026-34318: Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are a

CRITICALCVE-2026-35292

CVE-2026-35292: Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that

CRITICALCVE-2026-35301EXP

CVE-2026-35301: Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 16, 2026

Discovered by ZDM

Jun 16, 2026

Patch Available

Jun 18, 2026