Oracle PeopleSoft CVE-2026-35273: KEV SSRF-to-RCE Zero-Day Exploitation
CISA added actively exploited Oracle PeopleSoft PeopleTools CVE-2026-35273 to KEV on 2026-06-12. Affects PSEMHUB in versions 8.61 and 8.62, allowing unauthenticated remote code execution exploited by ShinyHunters.