SAP_SE

283 tracked vulnerabilities.

CVE-2026-27680 LOW
CSS Injection vulnerability in SAP NetWeaver Application Server ABAP
May 14, 2026
CVSS 3.1
EPSS 0.00

CVE-2026-40137 MEDIUM
Cross-Site Scripting (XSS) vulnerability in Business Server Pages Application (TAF_APPLAUNCHER)
May 12, 2026
CVSS 6.1
EPSS 0.00

CVE-2026-40136 MEDIUM
Denial of service (DoS) in SAP Financial Consolidation
May 12, 2026
CVSS 4.3
EPSS 0.00

CVE-2026-40135 MEDIUM
OS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform
May 12, 2026
CVSS 6.5
EPSS 0.00

CVE-2026-40134 MEDIUM
Missing Authorization Check in SAP Incentive and Commission Management
May 12, 2026
CVSS 4.3
EPSS 0.00

CVE-2026-40133 MEDIUM
Missing Authorization check in SAP S/4HANA Condition Maintenance
May 12, 2026
CVSS 6.3
EPSS 0.00

CVE-2026-40132 MEDIUM
Missing Authorization Check in SAP Strategic Enterprise Management (BSP application Balanced Scorecard Wizard)
May 12, 2026
CVSS 5.4
EPSS 0.00

CVE-2026-40131 LOW
SQL Injection vulnerability in SAP HANA Deployment Infrastructure (HDI) deploy library
May 12, 2026
CVSS 3.4
EPSS 0.00

CVE-2026-40129 MEDIUM
Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform
May 12, 2026
CVSS 4.3
EPSS 0.00

CVE-2026-34263 CRITICAL
Missing authentication check in SAP Commerce cloud configuration
May 12, 2026
CVSS 9.6
EPSS 0.00

CVE-2026-34260 CRITICAL
SQL injection vulnerability in SAP S/4HANA (SAP Enterprise Search for ABAP)
May 12, 2026
CVSS 9.6
EPSS 0.00

CVE-2026-34259 HIGH
OS Command Injection Vulnerability in SAP Forecasting & Replenishment
May 12, 2026
CVSS 8.2
EPSS 0.00

CVE-2026-34258 MEDIUM
Content Spoofing vulnerability in SAPUI5 (Search UI)
May 12, 2026
CVSS 4.7
EPSS 0.00

CVE-2026-27682 MEDIUM
SAP NetWeaver AS ABAP Business Server Pages - Reflected Cross-Site Scripting
May 12, 2026
CVSS 4.7
EPSS 0.00

CVE-2026-0502 MEDIUM
Cross Site Request Forgery (CSRF) in SAP BusinessObjects Business Intelligence Platform
May 12, 2026
CVSS 5.4
EPSS 0.00

CVE-2026-34264 MEDIUM
Information Disclosure vulnerability in SAP Human Capital Management for SAP S/4HANA
Apr 14, 2026
CVSS 6.5
EPSS 0.00

CVE-2026-34262 MEDIUM
Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer
Apr 14, 2026
CVSS 5.0
EPSS 0.00

CVE-2026-34261 MEDIUM
Missing Authorization check in SAP Business Analytics and SAP Content Management
Apr 14, 2026
CVSS 6.5
EPSS 0.00

CVE-2026-34257 MEDIUM
Open Redirect vulnerability in SAP NetWeaver Application Server ABAP
Apr 14, 2026
CVSS 6.1
EPSS 0.00

CVE-2026-34256 HIGH
Missing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise)
Apr 14, 2026
CVSS 7.1
EPSS 0.00

CVE-2026-27683 MEDIUM
Reflected cross site scripting vulnerability in SAP BusinessObjects Business Intelligence Platform
Apr 14, 2026
CVSS 4.1
EPSS 0.00

CVE-2026-27681 CRITICAL
SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse
Apr 14, 2026
CVSS 9.9
EPSS 0.00

CVE-2026-27679 MEDIUM
Missing Authorization check in SAP S/4HANA Frontend OData Service (Manage Reference Structures)
Apr 14, 2026
CVSS 6.5
EPSS 0.00

CVE-2026-27678 MEDIUM
Missing Authorization check in SAP S/4HANA Backend OData Service (Manage Reference Structures)
Apr 14, 2026
CVSS 6.5
EPSS 0.00

CVE-2026-27677 MEDIUM
Missing Authorization check in SAP S/4HANA OData Service (Manage Reference Equipment)
Apr 14, 2026
CVSS 6.5
EPSS 0.00