NCSC-2026-0204 [1.00] [M/H] Vulnerabilities fixed in Oracle PeopleSoft Enterprise
Oracle has fixed vulnerabilities in Oracle PeopleSoft Enterprise PT PeopleTools (versions 8.61 and 8.62) and PeopleSoft Enterprise CS Campus Community and Student Financials (version 9.2.38). The vulnerabilities in Oracle PeopleSoft Enterprise PT PeopleTools versions 8.61 and 8.62 allow unauthenticated attackers with network access via HTTP or HTTPS to bypass authentication controls, enabling them to create, delete, or modify critical data. Some vulnerabilities allow for complete system compromise, including executing arbitrary code and taking over the system. Additionally, attackers with high privileges and infrastructure access can gain full control over the system. The vulnerabilities affect the confidentiality, integrity, and availability of the system. For PeopleSoft Enterprise CS Campus Community and Student Financials version 9.2.38, attackers with low or high privileges and network access via HTTP or HTTPS can also manipulate critical data or take over the system. The vulnerabilities are related to insufficient access control and affect key components of the PeopleSoft environment.
CSIRTS triage
- What
- Vulnerabilities could allow unauthenticated attackers to bypass authentication and gain control over the system.
- Who is affected
- Users of Oracle PeopleSoft Enterprise versions 8.61, 8.62, and 9.2.38.
- Urgency
- Remediation is urgent due to the potential for complete system compromise.
- Action
- Users should apply the updates provided by Oracle.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch PeopleSoft Enterprise
Get an email when a new PeopleSoft Enterprise advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://advisories.ncsc.nl/advisory?id=NCSC-2026-0204
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-352710.34% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 26% of all scored CVEs.
- Low exploitation riskCVE-2026-352720.20% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 9% of all scored CVEs.
- Low exploitation riskCVE-2026-352740.39% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 31% of all scored CVEs.
- Low exploitation riskCVE-2026-352760.44% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 35% of all scored CVEs.
- Low exploitation riskCVE-2026-352780.58% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 43% of all scored CVEs.
- Low exploitation riskCVE-2026-352790.39% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 31% of all scored CVEs.
- Low exploitation riskCVE-2026-352880.19% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 9% of all scored CVEs.
- Low exploitation riskCVE-2026-352890.41% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 33% of all scored CVEs.
- Low exploitation riskCVE-2026-468490.38% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 30% of all scored CVEs.
- Low exploitation riskCVE-2026-468510.46% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 37% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-35271 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-35272 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-35274 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-35276 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-35278 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-35279 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-35288 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-35289 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46849 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46851 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46979 | coverage & exploitation status | NVD · CVE.org |
Recent advisories for Oracle PeopleSoft Enterprise
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- unknownexploitedNCSC-2026-0195 [1.00] [M/H] Vulnerability fixed in Oracle PeopleSoft Enterprise PeopleToolsncsc-nl · 2026-06-12
- criticalexploitedCVE-2026-35273: Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerab…cisa-kev · 2026-06-12
More from NCSC-NL Advisories
- unknownNCSC-2026-0223 [1.00] [M/H] Vulnerabilities fixed in BeyondTrust Remote Support and Privileged Remote Access2026-07-10
- unknownNCSC-2026-0222 [1.00] [M/H] Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition2026-07-10
- unknownNCSC-2026-0221 [1.00] [M/H] Vulnerabilities fixed in UniFi products from Ubiquiti Networks2026-07-07
- unknownNCSC-2026-0220 [1.00] [M/H] Vulnerabilities fixed in Rancher by Rancher Labs2026-07-03
- unknownNCSC-2026-0219 [1.00] [M/H] Vulnerabilities fixed in GitHub Enterprise Server2026-07-03