Oracle has disclosed a critical vulnerability in PeopleSoft Suite that permits unauthenticated remote code execution. The flaw is being actively exploited by threat actors in data theft operations, prompting immediate mitigation guidance from the vendor.

Why it matters in Western Canada: PeopleSoft is widely deployed in Canadian post-secondary institutions, healthcare systems, and government agencies for human resources and financial management. Active exploitation poses direct risk to sensitive employee and student data held by Western Canadian organizations.

CVEs: CVE-2026-35273

---

Summary generated from the original advisory. Read the full source: bleepingcomputer