THE page discusses a critical vulnerability labeled CVE-2026-35273, identified in Oracle PeopleSoft Enterprise PeopleTools, which allows for missing authentication in a critical function. Access to detailed reports on the vulnerability requires user support. There are also references to similar vulnerabilities in FreeBSD and Android. The article is authored by Do Son, a cybersecurity researcher who focuses on vulnerabilities and malware.
Oracle PeopleSoft flaw lets attackers bypass auth, CVE-2026-35273
CyberSIXT Evidence Panel
Source marked as original reporting
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Oracle PeopleSoft flaw lets attackers bypass auth, CVE-2026-35273
securityonline.info
-
CVE-2026-35273 flaw lets attackers wipe Wazuh logs via PeopleSoft
-
CISA warns of Oracle PeopleSoft zero day exploit CVE-2026-35273
securityaffairs.com
-
CISA Adds Oracle PeopleSoft Flaw CVE-2026-35273 to KEV Catalog
cisa.gov
-
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
darkreading.com
-
ShinyHunters exploit PeopleSoft flaw CVE-2026-35273, hit 100 unis
arstechnica.com
-
ShinyHunters Exploits Oracle PeopleSoft Flaw Leaks Data Worldwide
databreaches.net
-
Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)
rapid7.com
-
CISA flags Oracle PeopleSoft bug CVE-2026-35273 in KEV catalog
-
CVE-2026-35273 flaw used in ShinyHunters attack on universities