PeopleSoft RCE Security Bug: New Oracle Fix

Oracle has issued an emergency update for a PeopleSoft remote code execution vulnerability that can be triggered over the network without authentication. The issue affects PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62 and is tracked as CVE-2026-35273 (CVSS 9.8), enabling attackers with HTTP access to take over systems, alter databases, and execute arbitrary commands. Organizations running affected deployments should apply Oracle’s patched update immediately and validate that exposed instances are remediated.