THE Known Exploited Vulnerabilities (KEV) Catalog, maintained by CISA, serves as an authoritative resource for vulnerabilities actively exploited in the wild, helping organizations manage risks and prioritize vulnerability management. A specific entry highlights CVE-2026-35273 affecting Oracle PeopleSoft Enterprise PeopleTools, which has a missing authentication vulnerability allowing unauthenticated exploitation.
Organizations are advised to implement mitigations per vendor guidance and follow CISA's direction on prioritizing security updates based on risk. Users can nominate new vulnerabilities for inclusion in the catalog and subscribe for updates.