Vulnerability in Oracle PeopleSoft Enterprise PT PeopleTools Deployment Package
CVE-2026-35272

8.4HIGH

Key Information:

Vendor

Oracle

Vendor
CVE Published:
16 June 2026

What is CVE-2026-35272?

A vulnerability in the Deployment Package component of Oracle's PeopleSoft Enterprise PT PeopleTools allows an unauthenticated attacker, with access to the underlying infrastructure, to compromise the system. Supported versions 8.61 and 8.62 are affected. Successful exploitation can lead to complete takeover of the PeopleSoft application, posing significant risks to the confidentiality, integrity, and availability of sensitive data.

Affected Version(s)

PeopleSoft Enterprise PT PeopleTools 8.61

PeopleSoft Enterprise PT PeopleTools 8.62

References

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.