CVE-2026-35241 — Vulnetix

CVE-2026-35241 PUBLISHED CVSS 5.699999809265137 MEDIUM

Vulnerability in the PeopleSoft Enterprise CS Student Records product of Oracle PeopleSoft (component: Research Tracking). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise CS Student Records. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise CS Student Records accessible data. CVSS 3.1 Base Score 5.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N).

Risk Scores

CVSS v3.1

5.699999809265137

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Oracle Corporation	PeopleSoft Enterprise CS Student Records	9.2
oracle	peoplesoft_enterprise_cs_student_records

Timeline

Apr 21, 2026 CVE Published
Apr 22, 2026 Security Advisory
Apr 22, 2026 CVE Updated

References

Oracle Advisory vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-35241 advisory

Open in Interactive Console →