Vulnerability in PeopleSoft Enterprise PT PeopleTools by Oracle
CVE-2026-35289

8.1HIGH

Key Information:

Vendor

Oracle

Vendor
CVE Published:
16 June 2026

What is CVE-2026-35289?

A vulnerability has been identified in Oracle's PeopleSoft Enterprise PT PeopleTools, specifically affecting the Deployment Package component. Versions 8.61 and 8.62 are susceptible to exploitation by unauthenticated attackers who have network access via HTTPS. This flaw presents a notable risk, as successful exploitation can lead to the compromise and takeover of the PeopleSoft system, allowing for potential unauthorized access to sensitive data and functionalities.

Affected Version(s)

PeopleSoft Enterprise PT PeopleTools 8.61

PeopleSoft Enterprise PT PeopleTools 8.62

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.