Deployment Package Vulnerability in PeopleSoft Enterprise PT PeopleTools by Oracle
CVE-2026-35288

8.2HIGH

Key Information:

Vendor

Oracle

Vendor
CVE Published:
16 June 2026

What is CVE-2026-35288?

A vulnerability has been identified in Oracle's PeopleSoft Enterprise PT PeopleTools affecting versions 8.61 and 8.62. This flaw allows an attacker with high privileges, already logged into the infrastructure, to compromise the entire application. Exploiting this vulnerability can lead to significant security impacts beyond PeopleSoft, possibly affecting intertwined products. Successful exploitation can enable an attacker to take control of the PeopleTools application, leading to serious risks in confidentiality, integrity, and availability of sensitive data.

Affected Version(s)

PeopleSoft Enterprise PT PeopleTools 8.61

PeopleSoft Enterprise PT PeopleTools 8.62

References

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.