CVE-2026-21934

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft versions 8.60 through 8.62

Description A flaw exists in the Push Notifications component of Oracle PeopleSoft Enterprise PeopleTools. A low-privileged attacker with network access via HTTP can compromise the system. Successful exploitation may lead to unauthorized data modification, insertion, deletion, or reading of accessible data within PeopleSoft Enterprise PeopleTools.

Recommendations Versions 8.60 through 8.62 are affected and require attention. At the moment, there is no information about a newer version that contains a fix for this vulnerability.