https://thesiliconreview.com/2026/06/cybersecurity-incident-oracle-peoplesoft-shinyhunters-breach
It's a sensationalist article, which is not a bad thing in this case.
Less sensationally, but critical (9.8/10):
Vulnerability in the PeopleSoft Enterprise PeopleTools... · CVE-2026-35273 · GitHub Advisory Database
For the other three vulnerabilities, all moderate, that are mentioned in the article:
Vulnerability in the PeopleSoft Enterprise PeopleTools... · CVE-2026-21934 · GitHub Advisory Database
Vulnerability in the PeopleSoft Enterprise HCM Shared... · CVE-2026-22019 · GitHub Advisory Database
Vulnerability in the PeopleSoft Enterprise FIN... · CVE-2026-34299 · GitHub Advisory Database
This week's breach is all over the news, I first found it at https://mastodon.opencloud.lu/@BrideOfLinux/116737809000928257 from @BrideOfLinux@mastodon.opencloud.lu
Before Oracle responded:
Is this true? I have not seen a report yet who is affected. : r/oracle
