Netweaver Application Server Abap

3 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-0488 CRITICAL Act Now

Unauthorized code execution in SAP CRM and SAP S/4HANA Scripting Editor. Authenticated attacker exploits generic function module call to execute unauthorized ABAP code. CVSS 9.9.

Sap Netweaver Application Server Abap Webclient Ui Framework
NVD
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-0506 HIGH PATCH This Week

Netweaver Application Server Abap versions up to 700 is affected by missing authorization (CVSS 8.1).

Authentication Bypass Netweaver Application Server Abap
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2024-21738 MEDIUM Monitor

SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sap Netweaver Application Server Abap
NVD
CVSS 3.1
4.1
EPSS
0.2%
CVE-2026-0488
EPSS 0% CVSS 9.9
CRITICAL Act Now

Unauthorized code execution in SAP CRM and SAP S/4HANA Scripting Editor. Authenticated attacker exploits generic function module call to execute unauthorized ABAP code. CVSS 9.9.

Sap Netweaver Application Server Abap Webclient Ui Framework
NVD
CVE-2026-0506
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Netweaver Application Server Abap versions up to 700 is affected by missing authorization (CVSS 8.1).

Authentication Bypass Netweaver Application Server Abap
NVD
CVE-2024-21738
EPSS 0% CVSS 4.1
MEDIUM Monitor

SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sap Netweaver Application Server Abap
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy