Critical Alert 1 Active Exploit Detected Today

CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability →
Powered by CVE Watchtower
×
June 14, 2026

CVE Watchtower


← Back to CVE List

CVE-2026-0508NVD

Vulnerability Summary

The SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker with high privileges to insert malicious URL within the application. Upon successful exploitation, the victim may click on this malicious URL, resulting in an unvalidated redirect to the attacker-controlled domain and subsequently download the malicious content. This vulnerability has a high impact on the confidentiality and integrity of the application, with no effect on the availability of the application.
Severity Level
HIGH(7.3)
Published Date
Feb 10, 2026
Last Modified
Feb 17, 2026
Exploitation Status
????
EPSS Score (30-Day)
0.01%Probability
Root Weakness (CWE)
CWE-601: Unknown/Unlisted Weakness β†—
Refer to the official MITRE database for detailed architectural specifications regarding this weakness.
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone

External References