A critical vulnerability in Oracle PeopleSoft was disclosed last Thursday, which has been exploited by the cybercriminal group ShinyHunters. The U.S. cybersecurity agency CISA has added this vulnerability to its 'Known-Exploited Vulnerabilities' catalog. Oracle issued an out-of-cycle security advisory warning about the flaw, which affects Oracle PeopleSoft PeopleTools and possibly Oracle PeopleSoft Enterprise Applications. Attackers can exploit the vulnerability remotely without prior authentication using HTTP packets to inject and execute malicious code (CVE-2026-35273, CVSS 9.8, risk level '
Bias read (Center): The article reports on a technical cybersecurity issue involving a software vulnerability and its exploitation by a known cybercriminal group. It provides factual information about the vulnerability, the affected systems, and the response from Oracle and CISA. There is no evident ideological framing
Why these scores (Factual 85 · Objective 75): This article accurately reports on CVE-2026-35273 related to Oracle PeopleSoft Enterprise PeopleTools, noting that it has been added to CISA's KEV catalog and is being exploited by the ShinyHunters group. However, it lacks specific technical details from the primary source such as the exact action r






