SAP_SE

283 tracked vulnerabilities.

CVE-2026-27676 MEDIUM
Missing Authorization check in SAP S/4HANA OData Service (Manage Technical Object Structures)
Apr 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-27675 LOW
Code Injection vulnerability in SAP Landscape Transformation
Apr 14, 2026
CVSS 2.0
EPSS 0.00
CVE-2026-27674 MEDIUM
Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java)
Apr 14, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-27673 MEDIUM
Missing Authorization Check in SAP S/4HANA (Private Cloud and On-Premise)
Apr 14, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-27672 MEDIUM
Missing Authorization check in Material Master Application
Apr 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-24318 MEDIUM
Insecure Session Management vulnerability in SAP BusinessObjects Business Intelligence Platform
Apr 14, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-0512 MEDIUM
Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)
Apr 14, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-23683 MEDIUM
SAP Fiori App Intercompany Balance Reconciliation - Privilege Escal...
Jan 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-0511 HIGH
SAP Fiori App - Privilege Escalation
Jan 13, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-0510 LOW
NetWeaver Application Server for Java - Info Disclosure
Jan 13, 2026
CVSS 3.0
EPSS 0.00
CVE-2026-0507 HIGH
SAP Application Server for ABAP - Command Injection
Jan 13, 2026
CVSS 8.4
EPSS 0.01
CVE-2026-0504 LOW
SAP Identity Management - Info Disclosure
Jan 13, 2026
CVSS 3.8
EPSS 0.00
CVE-2026-0503 MEDIUM
SAP ERP Central Component and SAP S/4HANA (SAP EHS Management) - Missing Authorization Check
Jan 13, 2026
CVSS 6.4
EPSS 0.00
CVE-2026-0501 CRITICAL
SAP S/4HANA Private Cloud & On-Premise - SQL Injection
Jan 13, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-0499 MEDIUM
SAP NetWeaver Enterprise Portal - XSS
Jan 13, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-0497 MEDIUM
SAP Product Designer Web UI - Info Disclosure
Jan 13, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-0496 MEDIUM
SAP Fiori App Intercompany Balance Reconciliation - File Upload
Jan 13, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-0495 MEDIUM
SAP Fiori App - Privilege Escalation
Jan 13, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-0494 MEDIUM
SAP Fiori App (Intercompany Balance Reconciliation) - Exposure of Sensitive System Information
Jan 13, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-0493 MEDIUM
SAP Fiori App Intercompany Balance Reconciliation - CSRF
Jan 13, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-0491 CRITICAL
SAP Landscape Transformation - Command Injection
Jan 13, 2026
CVSS 9.1
EPSS 0.00
CVE-2025-42928 CRITICAL
SAP jConnect - SDK for ASE 16.0.4-16.0.4, 16.1-16.1 - Remote Code Execution via Deserialization
Dec 09, 2025
CVSS 9.1
EPSS 0.02
CVE-2025-42904 MEDIUM
Application Server ABAP - Info Disclosure
Dec 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-42896 MEDIUM
SAP BusinessObjects BI Platform - Login Error URL Server-Side Request Forgery
Dec 09, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-42891 MEDIUM
SAP Enterprise Search - Info Disclosure
Dec 09, 2025
CVSS 5.5
EPSS 0.00
Products
SAP NetWeaver Application Server for ABAP and ABAP Platform 10 SAP NetWeaver Application Server ABAP 9 SAP Fiori App (Intercompany Balance Reconciliation) 6 SAP GUI for Windows 6 SAP NetWeaver Application Server Java 6 SAP NetWeaver Application Server for ABAP 6 SAP BusinessObjects Business Intelligence Platform 5 SAP Financial Consolidation 4 SAP NetWeaver Application Server ABAP and ABAP Platform 4 SAP NetWeaver Enterprise Portal 4 SAPCAR 4 SAP Business One (SLD) 3 SAP Commerce Cloud 3 SAP HCM (My Timesheet Fiori 2.0 application) 3 SAP MDM Server 3 SAP NetWeaver AS for JAVA (Adobe Document Services) 3 SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) 3 SAP NetWeaver and ABAP Platform (SDCCN) 3 SAP Solution Manager 3 SAP Business Connector 2 SAP Business Warehouse and SAP Plug-In Basis 2 SAP Commerce 2 SAP Enable Now 2 SAP Landscape Transformation 2 SAP Landscape Transformation (Analysis Platform) 2 SAP NetWeaver 2 SAP NetWeaver ABAP Platform 2 SAP NetWeaver Application Server ABAP (BIC Document) 2 SAP S/4 HANA (Cash Management) 2 SAP S/4 HANA (Manage Bank Statement Reprocessing Rules) 2
Quick Filters
Critical CVEs With Exploits In CISA KEV