Oracle security advisory (AV26-587) – Update 1

Serial number: AV26-587
Date: June 11, 2026
Updated: June 12, 2026

On June 10, 2026, Oracle published a security advisory to address a critical vulnerability in the following product:

  • PeopleSoft Enterprise PeopleTools – versions 8.61 and 8.62

Open-source reporting indicates that CVE-2026-35273 is being exploited in the wild.

Update 1

On June 12, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-35273 to their Known Exploited Vulnerabilities (KEV) Database.

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

Date modified: