CVE-2026-34307 in PeopleSoft Enterprise PeopleToolsinfo

Summary

by MITRE • 04/22/2026

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Workflow). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

Oracle

Reservation

03/26/2026

Disclosure

04/22/2026

Moderation

accepted

Entry

VDB-358652

CPE

ready

CWE

CWE-285 (confirmed)

CVSS

5.4 (CNA)

EPSS

0.00028

KEV

Activities

very low

Sector

Industry, Energy, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-34307
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-34307
CVE Details	https://www.cvedetails.com/cve/CVE-2026-34307/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!