Oracle PeopleSoft: Mehrere Schwachstellen
Oracle PeopleSoft ist eine ERP Anwendung.
AI Analysis
Technical Summary
The June 2026 Oracle Critical Security Patch Update (CSPU) includes fixes for multiple vulnerabilities affecting Oracle PeopleSoft Enterprise PT PeopleTools versions 8.61 and 8.62, and PeopleSoft Enterprise CS Campus Community and Student Financials version 9.2.38. These vulnerabilities are part of a broader set of 245 security patches released across Oracle products. Oracle advises customers to remain on actively supported versions and apply the patches without delay to prevent exploitation. The advisory references multiple CVEs including CVE-2026-35271 and related identifiers. No detailed technical exploitation information or CVSS scores are provided in the advisory. Oracle also suggests possible risk reduction by blocking certain network protocols or removing unnecessary privileges until patches are applied, though these may impact functionality.
Potential Impact
The vulnerabilities addressed in this update potentially expose affected Oracle PeopleSoft Enterprise components to security risks that could be exploited if patches are not applied. Oracle has reported attempts to exploit previously patched vulnerabilities, emphasizing the importance of timely patching. The exact impact of each vulnerability is not detailed, but the volume and critical nature of the patches indicate significant security concerns. No known exploits in the wild are reported for these specific vulnerabilities at this time.
Mitigation Recommendations
Oracle has released official security patches as part of the June 2026 Critical Security Patch Update that address these vulnerabilities. Customers are strongly advised to apply these patches promptly to mitigate the risks. Until patches are applied, risk may be reduced by blocking network protocols required by potential attacks and by removing unnecessary privileges from users, though these measures may affect application functionality. Oracle recommends staying on actively supported product versions and following the detailed patch installation instructions provided in the official advisory. Patch status is confirmed as available and official fixes are provided.
Oracle PeopleSoft: Mehrere Schwachstellen
Description
Oracle PeopleSoft ist eine ERP Anwendung.
CVSS v3.1
Score 8.7high
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The June 2026 Oracle Critical Security Patch Update (CSPU) includes fixes for multiple vulnerabilities affecting Oracle PeopleSoft Enterprise PT PeopleTools versions 8.61 and 8.62, and PeopleSoft Enterprise CS Campus Community and Student Financials version 9.2.38. These vulnerabilities are part of a broader set of 245 security patches released across Oracle products. Oracle advises customers to remain on actively supported versions and apply the patches without delay to prevent exploitation. The advisory references multiple CVEs including CVE-2026-35271 and related identifiers. No detailed technical exploitation information or CVSS scores are provided in the advisory. Oracle also suggests possible risk reduction by blocking certain network protocols or removing unnecessary privileges until patches are applied, though these may impact functionality.
Potential Impact
The vulnerabilities addressed in this update potentially expose affected Oracle PeopleSoft Enterprise components to security risks that could be exploited if patches are not applied. Oracle has reported attempts to exploit previously patched vulnerabilities, emphasizing the importance of timely patching. The exact impact of each vulnerability is not detailed, but the volume and critical nature of the patches indicate significant security concerns. No known exploits in the wild are reported for these specific vulnerabilities at this time.
Mitigation Recommendations
Oracle has released official security patches as part of the June 2026 Critical Security Patch Update that address these vulnerabilities. Customers are strongly advised to apply these patches promptly to mitigate the risks. Until patches are applied, risk may be reduced by blocking network protocols required by potential attacks and by removing unnecessary privileges from users, though these measures may affect application functionality. Oracle recommends staying on actively supported product versions and following the detailed patch installation instructions provided in the official advisory. Patch status is confirmed as available and official fixes are provided.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Nationaal Cyber Security Centrum
- Advisory Id
- NCSC-2026-0204
- Cve Count
- 11
- Additional Cves
- ["CVE-2026-35272","CVE-2026-35274","CVE-2026-35276","CVE-2026-35278","CVE-2026-35279","CVE-2026-35288","CVE-2026-35289","CVE-2026-46849","CVE-2026-46851","CVE-2026-46979"]
- Cvss Version
- null
Threat ID: 6a3270540b89be68881d31d5
Added to database: 6/17/2026, 10:00:52 AM
Last enriched: 6/17/2026, 10:02:08 AM
Last updated: 6/17/2026, 5:11:08 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.