Vulnerability in Oracle PeopleSoft Enterprise SCM Purchasing
CVE-2026-34295
6.5MEDIUM
Key Information:
- Vendor
Oracle
- Vendor
- CVE Published:
- 21 April 2026
What is CVE-2026-34295?
A security vulnerability exists in Oracle's PeopleSoft Enterprise SCM Purchasing, specifically within the Purchasing component. This flaw allows a low-privileged attacker with network access via HTTP to exploit the system. Successful exploitation can lead to unauthorized access to sensitive data, potentially compromising the integrity of data across all accessible PeopleSoft Enterprise SCM Purchasing resources. Organizations utilizing affected versions should take immediate action to secure their systems against this vulnerability to prevent potential data breaches.
Affected Version(s)
PeopleSoft Enterprise SCM Purchasing 9.2