sap

1,568 tracked vulnerabilities.

CVE-2026-34264 MEDIUM
Information Disclosure vulnerability in SAP Human Capital Management for SAP S/4HANA
Apr 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-34262 MEDIUM
Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer
Apr 14, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-27679 MEDIUM
Missing Authorization check in SAP S/4HANA Frontend OData Service (Manage Reference Structures)
Apr 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-24314 MEDIUM
SAP S/4HANA Manage Payment Media - Authenticated Exposure of Sensitive System Information
Feb 24, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-24328 MEDIUM
SAP TAF_APPLAUNCHER - Open Redirect
Feb 10, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-24327 MEDIUM
SAP Strategic Enterprise Management - Info Disclosure
Feb 10, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-24326 MEDIUM
SAP S/4HANA Defense & Security - Missing Authorization Check in Disconnected Operations
Feb 10, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-24325 MEDIUM
SAP BusinessObjects Enterprise - XSS
Feb 10, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-24324 MEDIUM
SAP BusinessObjects Business Intelligence Platform - Authenticated Denial of Service via AdminTools Query
Feb 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-24323 MEDIUM
SAP BSP Applications - Reflected Cross-Site Scripting
Feb 10, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-24322 HIGH
SAP Solution Tools Plug-In - Authenticated Information Disclosure via Missing Authorization
Feb 10, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-24321 MEDIUM
SAP Commerce Cloud - Info Disclosure
Feb 10, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-24320 LOW
SAP NetWeaver AS ABAP Kernel - Memory Corruption via Crafted Input
Feb 10, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-24319 MEDIUM
SAP Business One - Cleartext Storage of Sensitive Information in Memory
Feb 10, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-24312 MEDIUM
SAP Business Workflow - Privilege Escalation
Feb 10, 2026
CVSS 5.2
EPSS 0.00
CVE-2026-23689 HIGH
SAP Supply Chain Management and Advanced Planning and Optimization - Denial of Service via Resource Consumption
Feb 10, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-23688 MEDIUM
SAP Fiori App Manage Service Entry Sheets - Privilege Escalation
Feb 10, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-23687 HIGH
SAP NetWeaver Application Server ABAP/ABAP Platform - Privilege Esc...
Feb 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-23686 LOW
SAP NetWeaver Application Server Java - CRLF Injection
Feb 10, 2026
CVSS 3.4
EPSS 0.00
CVE-2026-23685 MEDIUM
SAP NetWeaver - Authenticated Denial of Service via JMS Service Deserialization
Feb 10, 2026
CVSS 4.4
EPSS 0.00
CVE-2026-23684 MEDIUM
SAP Commerce cloud - Info Disclosure
Feb 10, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-23681 MEDIUM
SAP Support Tools Plug-In - Info Disclosure
Feb 10, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-0509 CRITICAL
SAP NetWeaver Application Server ABAP/ABAP Platform - Privilege Esc...
Feb 10, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-0508 HIGH
SAP BusinessObjects - Open Redirect
Feb 10, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-0505 MEDIUM
SAP Document Management System - Unauthenticated Open Redirect via URL Parameter Manipulation
Feb 10, 2026
CVSS 6.1
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV