https://x7peeps.com/tags/%E7%AE%A1%E7%90%86%E9%9D%A2/index.htmlHugozh-CNMon, 15 Jun 2026 12:15:00 +0800https://x7peeps.com/%E5%AE%89%E5%85%A8/%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95/03-%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/Web%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/CVE-2026-35273_Oracle_PeopleSoft_%E6%9C%AA%E6%8E%88%E6%9D%83RCE%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/index.htmlMon, 15 Jun 2026 12:15:00 +0800https://x7peeps.com/%E5%AE%89%E5%85%A8/%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95/03-%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/Web%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/CVE-2026-35273_Oracle_PeopleSoft_%E6%9C%AA%E6%8E%88%E6%9D%83RCE%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/index.htmlCVE-2026-35273: Oracle PeopleSoft 未授权远程代码执行漏洞深度分析 0x01 漏洞背景与详情 CVE-2026-35273 是 Oracle PeopleSoft Enterprise PeopleTools 中一个极危的未授权远程代码执行风险点。官方将其归类为 CWE-306，即关键功能缺少身份认证。该漏洞位于 Updates Environment Management 相关组件中，外部攻击者无需登录即可从网络侧触达高危管理能力。