PT-2026-49848

Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise PT PeopleTools version 8.61 PeopleSoft Enterprise PT PeopleTools version 8.62 Description An issue exists in the Deployment Package component of Oracle PeopleSoft. This allows an unauthenticated attacker with access to th...

MINI-8X62-MV2M-GWM8

Bulletin has no description...

CVE-2026-34307

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Workflow. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

PT-2026-34093

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

MINI-WGGC-FPWM-V62C

Bulletin has no description...

SUSE CVE-2026-32758

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.2 and below are vulnerable to Path Traversal through the resourcePatchHandler http/resource.go. The destination path in resourcePatchHandler is...

CVE-2026-32761 File Browser has an Authorization Policy Bypass in its Public Share Download Flow

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download privileges perm.download = false but granted share...

MINI-62FH-FGW8-RR2C

Bulletin has no description...

CVE-2026-21951

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Integration Broker. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

EUVD-2026-3558

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Integration Broker. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

Oracle PeopleSoft security vulnerabilities

Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. PeopleSoft Enterprise PeopleTools is a tool and...

CVE-2017-18457

cPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs SEC-218...

CVE-2025-66034 fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib or python3 -m fontTools.varLib script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The...

PT-2025-48353

Name of the Vulnerable Software and Affected Versions fontTools versions 4.33.0 through 4.60.1 Description fontTools is a Python library used for manipulating fonts. A flaw exists in the fontTools.varLib script, specifically within the main code path, which can lead to arbitrary file write and...

MAL-2025-165047 Malicious code in rival-poke62 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da03511e217c945a1d6b37423ed89efbe84e99d400f8bcbdc64854d246dec5d8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rita-62 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e70e7d0d48ef84b27938da40ed12fe90ec4422ce45944b392ee6cbda16971198 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bitha-62 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f74ea61f3200837c8f730538c7d40225984701cb8e0561f44e48e4dfe2b30e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-155157 Malicious code in fitra-poke62 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7524bd7ec2804a29f31ce610def80232e46742adf2900397a9199d62844de90d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in puma_pink-62 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4db39401ab1964b13e7e2a8a03c7af49370696001302a529fff1bc6f7827cd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-53050

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Performance Monitor. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...