Authentication Bypass Vulnerability in PeopleSoft Enterprise Application Server by Oracle
CVE-2026-35276
8.1HIGH
Key Information:
- Vendor
Oracle
- Vendor
- CVE Published:
- 16 June 2026
What is CVE-2026-35276?
A vulnerability exists within the Oracle PeopleSoft Enterprise PT PeopleTools, specifically in the Application Server component, affecting versions 8.61 and 8.62. This vulnerability allows an unauthenticated attacker with network access via HTTP to potentially compromise the system. Without requiring authentication, an adversary could exploit this weakness to gain unauthorized access, risking significant impact on confidentiality, integrity, and availability of the affected system. Just one successful exploit could allow for a complete takeover of the PeopleSoft Enterprise environment.
Affected Version(s)
PeopleSoft Enterprise PT PeopleTools 8.61
PeopleSoft Enterprise PT PeopleTools 8.62