Unauthorized Access Vulnerability in Oracle PeopleSoft Performance Monitor
CVE-2026-35278
9.8CRITICAL
Key Information:
- Vendor
Oracle
- Vendor
- CVE Published:
- 16 June 2026
What is CVE-2026-35278?
A significant vulnerability has been identified in Oracle PeopleSoft's Performance Monitor, affecting versions 8.61 and 8.62. This flaw allows an unauthenticated attacker with network access via HTTP to exploit the system easily. If successfully exploited, it can lead to complete takeover of the PeopleSoft Enterprise PT PeopleTools, compromising both the confidentiality and integrity of the system. Organizations using these affected versions should take immediate action to mitigate any potential security risks associated with this vulnerability.
Affected Version(s)
PeopleSoft Enterprise PT PeopleTools 8.61
PeopleSoft Enterprise PT PeopleTools 8.62