CVE-2026-35273

CRITICAL(9.8)KEV — Aktiv ausgenutzt

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Risk Signal Score65/100 — HOCH

CVSS 9.8 — Kritisch
Im CISA KEV-Katalog (aktiv ausgenutzt)

Erwähnungen (letzte 60 Tage)

Artikel

CISA KEV

Bestätigt ausgenutzt

EPSS-Score

20%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

9.8

Technische Schwere

Beschreibung

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Referenzen

https://www.oracle.com/security-alerts/alert-cve-2026-35273.html
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-...