Uncontrolled Access Vulnerability in Oracle PeopleSoft Enterprise CS Campus Community
CVE-2026-46979

6.5MEDIUM

Key Information:

Vendor: Oracle
Status: Peoplesoft Enterprise Cs Campus Community
Vendor: CVE Published:; 16 June 2026

What is CVE-2026-46979?

A significant vulnerability exists in the PeopleSoft Enterprise CS Campus Community product from Oracle, specifically affecting version 9.2.38. This vulnerability allows a high privileged attacker with network access through HTTPS to exploit the system easily. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data. Attackers may gain complete access to sensitive information within the PeopleSoft Enterprise CS Campus Community. It is essential for users and administrators of the affected product to apply relevant patches and updates promptly to mitigate potential risks.

Affected Version(s)

PeopleSoft Enterprise CS Campus Community 9.2.38

References

https://www.oracle.com/security-alerts/cspujun2026.html

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
May 18, 2026

CVE-2026-46979 Data

JSON