← Back to news

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Cybersecurity Advisories12/06/2026, 12:00
Read full article →

Summary

AI-Generated

Key Points:

  • CVE-2026-35273, a critical vulnerability in Oracle PeopleSoft Enterprise PeopleTools, has been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation.
  • This vulnerability allows malicious actors to bypass authentication for critical functions, posing significant risks to federal enterprises and potentially granting total control over affected systems.
  • Organizations, particularly Federal Civilian Executive Branch agencies, are urged to prioritize rapid remediation of this vulnerability and adopt risk-based vulnerability management practices.

Technical Details: CVE-2026-35273 involves missing authentication for critical functions within Oracle PeopleSoft, making it a frequent target for exploitation by cyber actors.

MITRE ATT&CK Techniques: None mentioned

IOCs Mentioned: None mentioned

Join the discussion — sign up to comment, upvote, and save articles.

Discussion

or to comment
Loading...

Loading comments...

Join 5,000+ security professionals

Get access to curated threat intel, upvote articles, join discussions, and build your karma in the SOC community.