A critical zero-day vulnerability (CVE-2026-35273) in the Environment Management component of Oracle PeopleSoft PeopleTools is being actively exploited worldwide by the ShinyHunters extortion group. The flaw allows unauthenticated remote code execution via HTTP/HTTPS, enabling attackers to compromise affected systems, exfiltrate sensitive data, and take complete control of PeopleSoft environments.

Affected Systems:

Oracle PeopleSoft Enterprise PeopleTools

• version 8.62

• version 8.61

• Unsupported versions are also likely vulnerable.

Security Risks

Successful exploitation can let attackers take full control of the system, access sensitive information, disrupt operations, and compromise the security and reliability of affected systems.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends that system administrators to:

• Follow Oracle Security Alerts (cve-2026-35273) to lower the risk of potential exploits, protect systems, and ensure their security.

• Apply the required and latest security updates as soon as possible.

• For details on updates across Oracle products, see the official advisory: Oracle Security Alerts.

• Before updating or patching, please ensure that you have the latest backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us at 9009.
 

References

• Oracle Security Alert Advisory: cve-2026-35273.html

• Check below for Oracle Critical Patch Updates, Security Alerts, and Bulletins