Oracle PeopleSoft vulnerability: How to find impacted assets
ID: c49c647c-4b70-54f0-ac3e-7b556656e998
STIX ID: report--c49c647c-4b70-54f0-ac3e-7b556656e998
Feed Name: runZero Blog
Oracle disclosed CVE-2026-35273, an SSRF vulnerability in the PeopleSoft Environment Management Hub (EMHub) that can be abused by unauthenticated remote attackers to chain outbound requests, achieve remote code execution, create administrative accounts, and obtain root-level control; affected versions are PeopleSoft 8.61 and 8.62, evidence indicates active exploitation in the wild, and users are urged to update immediately with provided detection guidance (runZero query) to locate impacted assets.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
