CVE-2026-35273

CRITICAL KEV

PeopleSoft Enterprise PeopleTools 8.61-8.62 - Unauthenticated Remote Code Execution via Updates Environment Management


Exploitation Summary

CVE-2026-35273 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 12, 2026. EIP tracks 3 public exploits from researchers including wnaspy, 0xBlackash, and HORKimhab.


Description

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Exploits (3)

github SUSPICIOUS
by wnaspy · python · poc
https://github.com/wnaspy/CVE-POC-WEAPON/tree/main/CVE-2026-35273.zip

The repository contains a ZIP file with obfuscated or encrypted content, no clear exploit code, and no technical details about the vulnerability. The structure suggests a potential lure for external downloads or malicious payloads.

Classification: Suspicious 90%
Attack Type: Other
Complexity: Unknown
Reliability: Theoretical
Target: unknown
No auth needed
Prerequisites: none identified
devstral-2 · analyzed Jun 14, 2026

github WRITEUP
by 0xBlackash · poc
https://github.com/0xBlackash/CVE-2026-35273

This repository provides a detailed technical analysis of CVE-2026-35273, an unauthenticated RCE vulnerability in Oracle PeopleSoft PeopleTools. It includes vulnerability details, affected versions, attack characteristics, and mitigation strategies but lacks actual exploit code.

Classification: Writeup 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: Oracle PeopleSoft Enterprise PeopleTools 8.61, 8.62
No auth needed
Prerequisites: Network access to vulnerable PeopleTools instance
devstral-2 · analyzed Jun 12, 2026

github SCANNER
by HORKimhab · python · poc
https://github.com/HORKimhab/CVE-2026-35273

The repository contains a Python script that scans for indicators of CVE-2026-35273 in Oracle PeopleSoft PeopleTools but does not include functional exploit code. It checks for accessible endpoints and simulates an attack flow without executing any exploitation.

Classification: Scanner 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Theoretical
Target: Oracle PeopleSoft PeopleTools
No auth needed
Prerequisites: network access to target · target URL
devstral-2 · analyzed Jun 12, 2026

References (2)

Core References
Vendor Advisory: Oracle Advisory
https://www.oracle.com/security-alerts/alert-cve-2026-35273.html

Scores

CVSS v3: 9.8
EPSS: 0.0072
EPSS Percentile: 48.8%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: active
Automatable: yes
Technical Impact: total

Details

CISA KEV: 2026-06-12
VulnCheck KEV: 2026-06-11
ENISA EUVD: EUVD-2026-36199
CWE: CWE-306
Status: published
Products (4)
oracle/peoplesoft_enterprise_peopletools 8.61
oracle/peoplesoft_enterprise_peopletools 8.62
Oracle Corporation/PeopleSoft Enterprise PeopleTools 8.61
Oracle Corporation/PeopleSoft Enterprise PeopleTools 8.62
Published: Jun 11, 2026
KEV Added: Jun 12, 2026
Tracked Since: Jun 11, 2026