What Happened
Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks. The post "Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks" appeared first on SecurityWeek.
Why It Matters
SecurityWeek reports that Oracle released mitigations for CVE-2026-35273, a remotely exploitable PeopleSoft PeopleTools vulnerability that can lead to unauthenticated remote code execution, but has not formally confirmed whether it was used as a zero-day in ShinyHunters attacks.[1][3][8] Other security researchers and Mandiant attribute recent exploitation activity against more than 100 organizations’ PeopleSoft infrastructure to ShinyHunters, consistent with zero-day use before Oracle’s advisory.[1][5]

From a CyberSE.AI perspective, any AI agents or data pipelines integrated with Oracle PeopleSoft or dependent on its data inherit this exposure as an AI supply chain risk: compromise of the ERP platform can be used to poison training data, exfiltrate sensitive datasets used by AI systems, or gain a foothold to attack AI agents that rely on PeopleSoft APIs.

Organizations should treat this as a critical third-party platform risk and use SBOM-driven dependency mapping and hardening (patching/mitigations, network isolation, and strict authentication on Oracle-integrated AI workflows) to reduce the blast radius of such ERP zero-days on AI systems.
CyberSE Analysis
This signal maps to AI supply chain. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.
Recommended Actions
- Restrict AI agent tool permissions and production write paths.
- Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
- Add human approval workflows for high-impact or state-changing actions.
- Run prompt injection and indirect prompt injection tests against affected workflows.
- Document the owner, control gap, and remediation deadline for this risk class.