Skip to main content

SAP

1669 CVEs vendor

Monthly

CVE-2026-0486 MEDIUM This Month

SAP Solution Tools Plug In fails to enforce authorization checks in remote-enabled ABAP function modules, allowing authenticated users to access and disclose sensitive system information. An attacker with valid credentials can query protected data without proper access controls, though system integrity and availability remain unaffected. No patch is currently available for this medium-severity vulnerability.

SAP Solution Tools Plug In
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-0485 HIGH This Week

Businessobjects Business Intelligence Platform versions up to 430 contains a security vulnerability (CVSS 7.5).

SAP Denial Of Service Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-0484 MEDIUM This Month

Sap Basis versions up to 700 is affected by url redirection to untrusted site (open redirect) (CVSS 6.5).

SAP Sap Basis
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23683 MEDIUM This Month

Insufficient authorization checks in SAP Fiori App Intercompany Balance Reconciliation allow authenticated users to access data beyond their intended permissions, resulting in privilege escalation with limited confidentiality impact. An attacker with valid credentials can exploit this flaw to view sensitive financial reconciliation information they should not have access to. No patch is currently available.

SAP Privilege Escalation
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-0514 MEDIUM This Month

Reflected XSS in SAP Business Connector enables unauthenticated attackers to craft malicious links that redirect users to attacker-controlled sites, potentially compromising webclient confidentiality and integrity when victims click the link. The vulnerability requires user interaction and has no available patch, making client-side awareness critical for mitigation.

SAP XSS Business Connector
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-0513 MEDIUM PATCH This Month

Supplier Relationship Management versions up to 700 is affected by url redirection to untrusted site (open redirect) (CVSS 4.7).

SAP Open Redirect Supplier Relationship Management
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2026-0511 HIGH This Week

SAP Fiori App Intercompany Balance Reconciliation fails to enforce proper authorization controls, allowing authenticated users to escalate privileges and access or modify sensitive data they should not have permission to view. An attacker with valid credentials can exploit missing access checks to compromise the confidentiality and integrity of financial reconciliation data. No patch is currently available for this vulnerability.

SAP Privilege Escalation
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-0507 HIGH This Week

SAP Application Server for ABAP and NetWeaver RFCSDK contain an OS command injection vulnerability that allows authenticated administrators with adjacent network access to execute arbitrary system commands by uploading malicious content. Successful exploitation results in complete system compromise affecting confidentiality, integrity, and availability. No patch is currently available.

SAP Command Injection
NVD
CVSS 3.1
8.4
EPSS
1.4%
CVE-2026-0504 LOW Monitor

Due to insufficient input handling, the SAP Identity Management REST interface allows an authenticated administrator to submit specially crafted malicious REST requests that are processed by JNDI operations without adequate input neutralization. [CVSS 3.8 LOW]

SAP
NVD
CVSS 3.1
3.8
EPSS
0.0%
CVE-2026-0503 MEDIUM This Month

Missing authorization controls in SAP ECC and SAP S/4HANA EHS Management allow authenticated attackers to extract hardcoded credentials and bypass password authentication through parameter manipulation. Successful exploitation enables attackers to access, modify, or delete change pointer data within EHS objects, potentially compromising downstream systems with low impact to confidentiality and integrity. No patch is currently available.

SAP
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2026-0501 CRITICAL Act Now

SAP S/4HANA General Ledger (Private Cloud and On-Premise) has SQL injection allowing authenticated users to read, modify, and delete backend database data with scope change (CVSS 9.9). Financial data is directly at risk.

SAP
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2026-0500 CRITICAL PATCH Act Now

SAP Wily Introscope Enterprise Manager uses a vulnerable third-party component that allows unauthenticated attackers to create malicious JNLP files at public URLs. Victims who click these URLs execute OS commands on their machines. Scope change. Patch available.

SAP Java Command Injection Introscope Enterprise Manager
NVD
CVSS 3.1
9.6
EPSS
0.1%
CVE-2026-0499 MEDIUM This Month

Reflected cross-site scripting in SAP NetWeaver Enterprise Portal enables unauthenticated attackers to inject malicious scripts via URL parameters that execute in users' browsers. Successful exploitation can lead to session hijacking, portal content manipulation, and unauthorized user redirection, affecting confidentiality and integrity with no patch currently available.

SAP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-0498 CRITICAL PATCH Act Now

SAP S/4HANA (Private Cloud and On-Premise) has the same backdoor vulnerability as CVE-2026-0491 – admin-exploitable ABAP/OS command injection via RFC function module. Patch available.

SAP Command Injection
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-0497 MEDIUM This Month

SAP Product Designer Web UI in Business Server Pages permits authenticated users without administrative privileges to view non-sensitive information they should not access. This authorization bypass affects confidentiality but carries no risk to system integrity or availability. No patch is currently available to remediate this exposure.

SAP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-0496 MEDIUM This Month

SAP Fiori App Intercompany Balance Reconciliation contains an unrestricted file upload vulnerability that permits high-privileged attackers to upload malicious files, including scripts, due to insufficient file format validation. While the direct impact on confidentiality, integrity, and availability is limited, this flaw could enable attackers with administrative access to compromise application functionality or escalate their capabilities. No patch is currently available for this vulnerability.

SAP
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2026-0495 MEDIUM This Month

SAP Fiori App Intercompany Balance Reconciliation contains an email redirection flaw that allows high-privileged attackers to redirect uploaded files to arbitrary email addresses, facilitating targeted phishing attacks. The vulnerability requires high privileges and user interaction, resulting in limited confidentiality, integrity, and availability impact. No patch is currently available for this medium-severity issue.

SAP
NVD
CVSS 3.1
5.1
EPSS
0.0%
CVE-2026-0494 MEDIUM This Month

SAP Fiori App Intercompany Balance Reconciliation contains an information disclosure vulnerability that allows authenticated attackers to access restricted data under specific conditions. The vulnerability requires valid user credentials and network access but does not impact system integrity or availability. No patch is currently available.

SAP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-0493 MEDIUM This Month

SAP Fiori App Intercompany Balance Reconciliation an attacker is affected by cross-site request forgery (csrf) (CVSS 4.3).

SAP Industrial CSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-0492 HIGH PATCH This Week

Hana Database versions up to 2.00 is affected by missing authentication for critical function (CVSS 8.8).

SAP Privilege Escalation Hana Database
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-0491 CRITICAL Act Now

SAP Landscape Transformation has an admin-exploitable backdoor via RFC function module that allows injection of arbitrary ABAP code and OS commands, bypassing authorization checks. Scope change enables full SAP system compromise.

SAP Command Injection
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-10703 HIGH This Month

Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Docker Oracle Apache Google SAP +5
NVD
CVSS 4.0
8.6
EPSS
0.4%
CVE-2025-10702 HIGH This Month

Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Docker Oracle Apache Google SAP +4
NVD
CVSS 4.0
8.6
EPSS
0.4%
CVE-2025-42940 HIGH This Month

SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption SAP Buffer Overflow
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-42924 MEDIUM This Month

SAP S/4HANA landscape SAP E-Recruiting BSP allows an unauthenticated attacker to craft malicious links, when clicked the victim could be redirected to the page controlled by the attacker. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Open Redirect
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42919 MEDIUM This Month

Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal metadata files could be accessed via manipulated URLs. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Path Traversal Information Disclosure Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-42899 MEDIUM Monitor

SAP S4CORE (Manage journal entries) does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-42897 MEDIUM This Month

Due to information disclosure vulnerability in anonymous API provided by SAP Business One (SLD), an attacker with normal user access could gain access to unauthorized information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-42895 MEDIUM This Month

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

SAP RCE Code Injection
NVD
CVSS 3.1
6.9
EPSS
0.0%
CVE-2025-42894 MEDIUM This Month

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Path Traversal Business Connector
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-42893 MEDIUM This Month

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Open Redirect Business Connector
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42892 MEDIUM This Month

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Command Injection Business Connector
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2025-42889 MEDIUM This Month

SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-42888 MEDIUM This Month

SAP GUI for Windows may allow a highly privileged user on the affected client PC to locally access sensitive information stored in process memory during runtime.This vulnerability has a high impact. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Microsoft Windows
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-42887 CRITICAL This Week

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP RCE Code Injection
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2025-42886 MEDIUM This Month

Due to a Reflected Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS Business Connector
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-42885 MEDIUM This Month

Due to missing authentication, SAP HANA 2.0 (hdbrss) allows an unauthenticated attacker to call a remote-enabled function that will enable them to view information. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass
NVD
CVSS 3.1
5.8
EPSS
0.1%
CVE-2025-42884 MEDIUM This Month

SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject JNDI environment properties or pass a URL used during JNDI lookup operations, enabling access to an unintended JNDI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Nosql Injection Code Injection
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-42883 LOW Monitor

Migration Workbench (DX Workbench) in SAP NetWeaver Application Server for ABAP fails to trigger a malware scan when an attacker with administrative privileges uploads files to the application. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload SAP
NVD
CVSS 3.1
2.7
EPSS
0.0%
CVE-2025-42882 MEDIUM Monitor

Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with basic privileges could execute a specific function module in ABAP to retrieve. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-42907 MEDIUM Monitor

SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP SSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-42958 CRITICAL Act Now

Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP IBM Privilege Escalation
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-42944 CRITICAL This Week

Due to a deserialization vulnerability in SAP NetWeaver, an unauthenticated attacker could exploit the system through the RMI-P4 module by submitting malicious payload to an open port. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Deserialization SAP Java
NVD
CVSS 3.1
10.0
EPSS
0.1%
CVE-2025-42938 MEDIUM This Month

Due to a Cross-Site Scripting (XSS) vulnerability in the SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42933 HIGH This Month

When a user logs in via SAP Business One native client, the SLD backend service fails to enforce proper encryption of certain APIs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-42930 MEDIUM This Month

SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-42927 LOW Monitor

SAP NetWeaver AS Java application uses Adobe Document Service, installed with a vulnerable version of OpenSSL.Successful exploitation of known vulnerabilities in the outdated OpenSSL library would. Rated low severity (CVSS 3.4), this vulnerability is low attack complexity. No vendor patch available.

Java Adobe OpenSSL SAP Information Disclosure
NVD
CVSS 3.1
3.4
EPSS
0.0%
CVE-2025-42926 MEDIUM PATCH This Month

SAP NetWeaver Application Server Java does not perform an authentication check when an attacker attempts to access internal files within the web application.Upon successfully exploitation, an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass SAP Java Netweaver Application Server Java
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-42925 MEDIUM Monitor

Due to the lack of randomness in assigning Object Identifiers in the SAP NetWeaver AS JAVA IIOP service, an authenticated attacker with low privileges could predict the identifiers by conducting a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Java
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-42923 MEDIUM Monitor

Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated user could be tricked by an attacker to send unintended request to the web server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP CSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-42922 CRITICAL This Week

SAP NetWeaver AS Java allows an attacker authenticated as a non-administrative user to use a flaw in an available service to upload an arbitrary file. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SAP Code Injection Java
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2025-42920 MEDIUM PATCH This Month

Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management, an unauthenticated attacker could generate a malicious link and make it publicly accessible. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SAP XSS Supplier Relationship Management
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42918 MEDIUM PATCH Monitor

SAP NetWeaver Application Server for ABAP allows authenticated users with access to background processing to gain unauthorized read access to profile parameters. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass SAP Sap Basis
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-42917 MEDIUM This Month

SAP HCM Approve Timesheets Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-42914 LOW Monitor

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2025-42913 LOW Monitor

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2025-42912 MEDIUM This Month

SAP HCM My Timesheet Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-42911 MEDIUM PATCH This Month

SAP NetWeaver (Service Data Download) allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass SAP Sap Basis
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-42976 HIGH This Month

SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow SAP Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-42975 MEDIUM This Month

SAP NetWeaver Application Server ABAP (BIC Document) allows an unauthenticated attacker to craft a URL link which, when accessed on the BIC Document application, embeds a malicious script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42957 CRITICAL This Week

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SAP Code Injection
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2025-42955 LOW Monitor

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-42951 HIGH This Month

Due to broken authorization, SAP Business One (SLD) allows an authenticated attacker to gain administrator privileges of a database by invoking the corresponding API.�As a result , it has a high. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-42950 CRITICAL This Week

SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SAP Code Injection
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2025-42948 MEDIUM This Month

Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42946 MEDIUM This Month

Due to directory traversal vulnerability in SAP S/4HANA (Bank Communication Management), an attacker with high privileges and access to a specific transaction and method in Bank Communication. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass SAP Path Traversal
NVD
CVSS 3.1
6.9
EPSS
0.1%
CVE-2025-42945 MEDIUM This Month

SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE SAP Code Injection
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-42943 MEDIUM Monitor

SAP GUI for Windows may allow the leak of NTML hashes when specific ABAP frontend services are called with UNC paths. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Microsoft Privilege Escalation Windows
NVD
CVSS 3.1
4.5
EPSS
0.0%
CVE-2025-42942 MEDIUM This Month

SAP NetWeaver Application Server for ABAP has cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42941 LOW Monitor

SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link (<a>) elements. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-42936 MEDIUM PATCH This Month

The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles, this issue allows authenticated users to access. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

SAP Privilege Escalation Sap Basis
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-42935 MEDIUM Monitor

The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager (ICM) permits authorized users with admin privileges and local access to log files to read sensitive. Rated medium severity (CVSS 4.1). No vendor patch available.

SAP Information Disclosure
NVD
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-42934 MEDIUM Monitor

SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-42956 MEDIUM PATCH This Month

SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, injected input data will be used by the web site page generation to create content which when executed in the victim's browser leading to low impact on Confidentiality and Integrity with no effect on Availability of the application.

SAP XSS Sap Basis
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42986 MEDIUM PATCH This Month

Due to a missing authorization check in an obsolete RFC enabled function module in SAP BASIS, an authenticated low-privileged attacker could call a Remote Function Call (RFC), potentially accessing restricted system information. This results in low impact on confidentiality, with no impact on integrity or availability of the application.

SAP Authentication Bypass Sap Basis
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-42985 MEDIUM This Month

Due to insufficient sanitization in the SAP BusinessObjects Content Administrator Workbench, attackers could craft malicious URLs and execute scripts in a victim�s browser. This could potentially lead to the exposure or modification of web client data, resulting in low impact on confidentiality and integrity, with no impact on application availability.

SAP Open Redirect
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-42981 MEDIUM This Month

Due to an open redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a URL link embedding a malicious script at a location not properly sanitized. When a victim clicks on this link, the script executes within the victim's browser, redirecting them to a site controlled by the attacker. This allows the attacker to access and/or modify restricted information related to the web client. While the vulnerability poses no impact on data availability, it presents a considerable risk to confidentiality and integrity.

SAP Open Redirect
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42980 CRITICAL Act Now

SAP NetWeaver Enterprise Portal Federated Portal Network is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.

Deserialization SAP
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-42979 MEDIUM This Month

CVE-2025-42979 is a security vulnerability (CVSS 5.6). Remediation should follow standard vulnerability management procedures.

Microsoft SAP Information Disclosure Windows
NVD
CVSS 3.1
5.6
EPSS
0.0%
CVE-2025-42978 LOW Monitor

CVE-2025-42978 is a security vulnerability (CVSS 3.5). Remediation should follow standard vulnerability management procedures.

SAP Information Disclosure Java
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-42973 MEDIUM This Month

Due to a Cross-Site Scripting vulnerability in SAP Data Services Management Console, an authenticated attacker could exploit the search functionality associated with DQ job status reports. By intercepting requests, malicious script can be injected and subsequently executed when a user loads the affected page. This results in a limited impact on the confidentiality and integrity of user session information, while availability remains unaffected.

SAP XSS
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-42969 MEDIUM This Month

SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to inject a malicious script into a dynamically crafted URL. The victim, when tricked into clicking on this crafted URL unknowingly executes the malicious payload in their browser. On successful exploitation, the attacker can access or modify sensitive information within the scope of victim's web browser, with no impact on availability of the application.

SAP XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-42968 MEDIUM PATCH This Month

SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on confidentiality with no effect on integrity or availability of the application.

SAP Authentication Bypass Netweaver
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-42967 CRITICAL Act Now

SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This allows an attacker with user level privileges to create a new report with his own code potentially gaining full control of the affected SAP system causing high impact on confidentiality, integrity, and availability of the application.

SAP RCE Code Injection
NVD
CVSS 3.1
9.9
EPSS
0.7%
CVE-2025-42966 CRITICAL Act Now

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application.

Deserialization SAP Java
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2025-42965 MEDIUM This Month

SAP CMC Promotion Management allows an authenticated attacker to enumerate internal network systems by submitting crafted requests during job source configuration. By analysing response times for various IP addresses and ports, the attacker can infer valid network endpoints. Successful exploitation may lead to information disclosure. This vulnerability does not impact the integrity or availability of the application.

SAP Information Disclosure SSRF
NVD
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-42964 CRITICAL Act Now

SAP NetWeaver Enterprise Portal Administration is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.

Deserialization SAP
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-42963 CRITICAL Act Now

A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment.

Deserialization SAP Java
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2025-42962 MEDIUM This Month

SAP Business Warehouse (Business Explorer Web) allows an attacker to create a malicious link. If an authenticated user clicks on this link, the injected script gets executed within the scope of victim�s browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted.

SAP XSS
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-42961 MEDIUM This Month

Due to a missing authorization check in SAP NetWeaver Application server for ABAP, an authenticated user with high privileges could exploit the insufficient validation of user permissions to access sensitive database tables. By leveraging overly permissive access configurations, unauthorized reading of critical data is possible, resulting in a significant impact on the confidentiality of the information stored. However, the integrity and availability of the system remain unaffected.

SAP Authentication Bypass
NVD
CVSS 3.1
4.9
EPSS
0.0%
EPSS 0% CVSS 5.0
MEDIUM This Month

SAP Solution Tools Plug In fails to enforce authorization checks in remote-enabled ABAP function modules, allowing authenticated users to access and disclose sensitive system information. An attacker with valid credentials can query protected data without proper access controls, though system integrity and availability remain unaffected. No patch is currently available for this medium-severity vulnerability.

SAP Solution Tools Plug In
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Businessobjects Business Intelligence Platform versions up to 430 contains a security vulnerability (CVSS 7.5).

SAP Denial Of Service Businessobjects Business Intelligence Platform
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Sap Basis versions up to 700 is affected by url redirection to untrusted site (open redirect) (CVSS 6.5).

SAP Sap Basis
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Insufficient authorization checks in SAP Fiori App Intercompany Balance Reconciliation allow authenticated users to access data beyond their intended permissions, resulting in privilege escalation with limited confidentiality impact. An attacker with valid credentials can exploit this flaw to view sensitive financial reconciliation information they should not have access to. No patch is currently available.

SAP Privilege Escalation
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Reflected XSS in SAP Business Connector enables unauthenticated attackers to craft malicious links that redirect users to attacker-controlled sites, potentially compromising webclient confidentiality and integrity when victims click the link. The vulnerability requires user interaction and has no available patch, making client-side awareness critical for mitigation.

SAP XSS Business Connector
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Supplier Relationship Management versions up to 700 is affected by url redirection to untrusted site (open redirect) (CVSS 4.7).

SAP Open Redirect Supplier Relationship Management
NVD
EPSS 0% CVSS 8.1
HIGH This Week

SAP Fiori App Intercompany Balance Reconciliation fails to enforce proper authorization controls, allowing authenticated users to escalate privileges and access or modify sensitive data they should not have permission to view. An attacker with valid credentials can exploit missing access checks to compromise the confidentiality and integrity of financial reconciliation data. No patch is currently available for this vulnerability.

SAP Privilege Escalation
NVD
EPSS 1% CVSS 8.4
HIGH This Week

SAP Application Server for ABAP and NetWeaver RFCSDK contain an OS command injection vulnerability that allows authenticated administrators with adjacent network access to execute arbitrary system commands by uploading malicious content. Successful exploitation results in complete system compromise affecting confidentiality, integrity, and availability. No patch is currently available.

SAP Command Injection
NVD
EPSS 0% CVSS 3.8
LOW Monitor

Due to insufficient input handling, the SAP Identity Management REST interface allows an authenticated administrator to submit specially crafted malicious REST requests that are processed by JNDI operations without adequate input neutralization. [CVSS 3.8 LOW]

SAP
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

Missing authorization controls in SAP ECC and SAP S/4HANA EHS Management allow authenticated attackers to extract hardcoded credentials and bypass password authentication through parameter manipulation. Successful exploitation enables attackers to access, modify, or delete change pointer data within EHS objects, potentially compromising downstream systems with low impact to confidentiality and integrity. No patch is currently available.

SAP
NVD
EPSS 0% CVSS 9.9
CRITICAL Act Now

SAP S/4HANA General Ledger (Private Cloud and On-Premise) has SQL injection allowing authenticated users to read, modify, and delete backend database data with scope change (CVSS 9.9). Financial data is directly at risk.

SAP
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

SAP Wily Introscope Enterprise Manager uses a vulnerable third-party component that allows unauthenticated attackers to create malicious JNLP files at public URLs. Victims who click these URLs execute OS commands on their machines. Scope change. Patch available.

SAP Java Command Injection +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Reflected cross-site scripting in SAP NetWeaver Enterprise Portal enables unauthenticated attackers to inject malicious scripts via URL parameters that execute in users' browsers. Successful exploitation can lead to session hijacking, portal content manipulation, and unauthorized user redirection, affecting confidentiality and integrity with no patch currently available.

SAP
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

SAP S/4HANA (Private Cloud and On-Premise) has the same backdoor vulnerability as CVE-2026-0491 – admin-exploitable ABAP/OS command injection via RFC function module. Patch available.

SAP Command Injection
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

SAP Product Designer Web UI in Business Server Pages permits authenticated users without administrative privileges to view non-sensitive information they should not access. This authorization bypass affects confidentiality but carries no risk to system integrity or availability. No patch is currently available to remediate this exposure.

SAP
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

SAP Fiori App Intercompany Balance Reconciliation contains an unrestricted file upload vulnerability that permits high-privileged attackers to upload malicious files, including scripts, due to insufficient file format validation. While the direct impact on confidentiality, integrity, and availability is limited, this flaw could enable attackers with administrative access to compromise application functionality or escalate their capabilities. No patch is currently available for this vulnerability.

SAP
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

SAP Fiori App Intercompany Balance Reconciliation contains an email redirection flaw that allows high-privileged attackers to redirect uploaded files to arbitrary email addresses, facilitating targeted phishing attacks. The vulnerability requires high privileges and user interaction, resulting in limited confidentiality, integrity, and availability impact. No patch is currently available for this medium-severity issue.

SAP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

SAP Fiori App Intercompany Balance Reconciliation contains an information disclosure vulnerability that allows authenticated attackers to access restricted data under specific conditions. The vulnerability requires valid user credentials and network access but does not impact system integrity or availability. No patch is currently available.

SAP
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

SAP Fiori App Intercompany Balance Reconciliation an attacker is affected by cross-site request forgery (csrf) (CVSS 4.3).

SAP Industrial CSRF
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Hana Database versions up to 2.00 is affected by missing authentication for critical function (CVSS 8.8).

SAP Privilege Escalation Hana Database
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

SAP Landscape Transformation has an admin-exploitable backdoor via RFC function module that allows injection of arbitrary ABAP code and OS commands, bypassing authorization checks. Scope change enables full SAP system compromise.

SAP Command Injection
NVD
EPSS 0% CVSS 8.6
HIGH This Month

Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Docker Oracle Apache +7
NVD
EPSS 0% CVSS 8.6
HIGH This Month

Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Docker Oracle Apache +6
NVD
EPSS 0% CVSS 7.5
HIGH This Month

SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption SAP Buffer Overflow
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

SAP S/4HANA landscape SAP E-Recruiting BSP allows an unauthenticated attacker to craft malicious links, when clicked the victim could be redirected to the page controlled by the attacker. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Open Redirect
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal metadata files could be accessed via manipulated URLs. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Path Traversal Information Disclosure +1
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

SAP S4CORE (Manage journal entries) does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Due to information disclosure vulnerability in anonymous API provided by SAP Business One (SLD), an attacker with normal user access could gain access to unauthorized information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

SAP RCE Code Injection
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Path Traversal Business Connector
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Open Redirect Business Connector
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Command Injection Business Connector
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

SAP GUI for Windows may allow a highly privileged user on the affected client PC to locally access sensitive information stored in process memory during runtime.This vulnerability has a high impact. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 9.9
CRITICAL This Week

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP RCE Code Injection
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Due to a Reflected Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS Business Connector
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Due to missing authentication, SAP HANA 2.0 (hdbrss) allows an unauthenticated attacker to call a remote-enabled function that will enable them to view information. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject JNDI environment properties or pass a URL used during JNDI lookup operations, enabling access to an unintended JNDI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Nosql Injection Code Injection
NVD
EPSS 0% CVSS 2.7
LOW Monitor

Migration Workbench (DX Workbench) in SAP NetWeaver Application Server for ABAP fails to trigger a malware scan when an attacker with administrative privileges uploads files to the application. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload SAP
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with basic privileges could execute a specific function module in ABAP to retrieve. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP SSRF
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP IBM +1
NVD
EPSS 0% CVSS 10.0
CRITICAL This Week

Due to a deserialization vulnerability in SAP NetWeaver, an unauthenticated attacker could exploit the system through the RMI-P4 module by submitting malicious payload to an open port. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Deserialization SAP +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Due to a Cross-Site Scripting (XSS) vulnerability in the SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS
NVD
EPSS 0% CVSS 8.8
HIGH This Month

When a user logs in via SAP Business One native client, the SLD backend service fails to enforce proper encryption of certain APIs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
EPSS 0% CVSS 3.4
LOW Monitor

SAP NetWeaver AS Java application uses Adobe Document Service, installed with a vulnerable version of OpenSSL.Successful exploitation of known vulnerabilities in the outdated OpenSSL library would. Rated low severity (CVSS 3.4), this vulnerability is low attack complexity. No vendor patch available.

Java Adobe OpenSSL +2
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

SAP NetWeaver Application Server Java does not perform an authentication check when an attacker attempts to access internal files within the web application.Upon successfully exploitation, an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass SAP Java +1
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Due to the lack of randomness in assigning Object Identifiers in the SAP NetWeaver AS JAVA IIOP service, an authenticated attacker with low privileges could predict the identifiers by conducting a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Java
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated user could be tricked by an attacker to send unintended request to the web server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP CSRF
NVD
EPSS 0% CVSS 9.9
CRITICAL This Week

SAP NetWeaver AS Java allows an attacker authenticated as a non-administrative user to use a flaw in an available service to upload an arbitrary file. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SAP Code Injection +1
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management, an unauthenticated attacker could generate a malicious link and make it publicly accessible. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SAP XSS Supplier Relationship Management
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

SAP NetWeaver Application Server for ABAP allows authenticated users with access to background processing to gain unauthorized read access to profile parameters. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass SAP Sap Basis
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

SAP HCM Approve Timesheets Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
EPSS 0% CVSS 3.1
LOW Monitor

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass SAP
NVD
EPSS 0% CVSS 3.1
LOW Monitor

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass SAP
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

SAP HCM My Timesheet Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

SAP NetWeaver (Service Data Download) allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass SAP Sap Basis
NVD
EPSS 0% CVSS 8.1
HIGH This Month

SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow SAP Information Disclosure
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

SAP NetWeaver Application Server ABAP (BIC Document) allows an unauthenticated attacker to craft a URL link which, when accessed on the BIC Document application, embeds a malicious script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS
NVD
EPSS 0% CVSS 9.9
CRITICAL This Week

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SAP Code Injection
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
EPSS 0% CVSS 8.8
HIGH This Month

Due to broken authorization, SAP Business One (SLD) allows an authenticated attacker to gain administrator privileges of a database by invoking the corresponding API.�As a result , it has a high. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
EPSS 0% CVSS 9.9
CRITICAL This Week

SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SAP Code Injection
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Due to directory traversal vulnerability in SAP S/4HANA (Bank Communication Management), an attacker with high privileges and access to a specific transaction and method in Bank Communication. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass SAP Path Traversal
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE SAP Code Injection
NVD
EPSS 0% CVSS 4.5
MEDIUM Monitor

SAP GUI for Windows may allow the leak of NTML hashes when specific ABAP frontend services are called with UNC paths. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Microsoft Privilege Escalation +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

SAP NetWeaver Application Server for ABAP has cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS
NVD
EPSS 0% CVSS 3.5
LOW Monitor

SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link (<a>) elements. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles, this issue allows authenticated users to access. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

SAP Privilege Escalation Sap Basis
NVD
EPSS 0% CVSS 4.1
MEDIUM Monitor

The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager (ICM) permits authorized users with admin privileges and local access to log files to read sensitive. Rated medium severity (CVSS 4.1). No vendor patch available.

SAP Information Disclosure
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, injected input data will be used by the web site page generation to create content which when executed in the victim's browser leading to low impact on Confidentiality and Integrity with no effect on Availability of the application.

SAP XSS Sap Basis
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Due to a missing authorization check in an obsolete RFC enabled function module in SAP BASIS, an authenticated low-privileged attacker could call a Remote Function Call (RFC), potentially accessing restricted system information. This results in low impact on confidentiality, with no impact on integrity or availability of the application.

SAP Authentication Bypass Sap Basis
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Due to insufficient sanitization in the SAP BusinessObjects Content Administrator Workbench, attackers could craft malicious URLs and execute scripts in a victim�s browser. This could potentially lead to the exposure or modification of web client data, resulting in low impact on confidentiality and integrity, with no impact on application availability.

SAP Open Redirect
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Due to an open redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a URL link embedding a malicious script at a location not properly sanitized. When a victim clicks on this link, the script executes within the victim's browser, redirecting them to a site controlled by the attacker. This allows the attacker to access and/or modify restricted information related to the web client. While the vulnerability poses no impact on data availability, it presents a considerable risk to confidentiality and integrity.

SAP Open Redirect
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

SAP NetWeaver Enterprise Portal Federated Portal Network is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.

Deserialization SAP
NVD
EPSS 0% CVSS 5.6
MEDIUM This Month

CVE-2025-42979 is a security vulnerability (CVSS 5.6). Remediation should follow standard vulnerability management procedures.

Microsoft SAP Information Disclosure +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

CVE-2025-42978 is a security vulnerability (CVSS 3.5). Remediation should follow standard vulnerability management procedures.

SAP Information Disclosure Java
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Due to a Cross-Site Scripting vulnerability in SAP Data Services Management Console, an authenticated attacker could exploit the search functionality associated with DQ job status reports. By intercepting requests, malicious script can be injected and subsequently executed when a user loads the affected page. This results in a limited impact on the confidentiality and integrity of user session information, while availability remains unaffected.

SAP XSS
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to inject a malicious script into a dynamically crafted URL. The victim, when tricked into clicking on this crafted URL unknowingly executes the malicious payload in their browser. On successful exploitation, the attacker can access or modify sensitive information within the scope of victim's web browser, with no impact on availability of the application.

SAP XSS
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on confidentiality with no effect on integrity or availability of the application.

SAP Authentication Bypass Netweaver
NVD
EPSS 1% CVSS 9.9
CRITICAL Act Now

SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This allows an attacker with user level privileges to create a new report with his own code potentially gaining full control of the affected SAP system causing high impact on confidentiality, integrity, and availability of the application.

SAP RCE Code Injection
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application.

Deserialization SAP Java
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

SAP CMC Promotion Management allows an authenticated attacker to enumerate internal network systems by submitting crafted requests during job source configuration. By analysing response times for various IP addresses and ports, the attacker can infer valid network endpoints. Successful exploitation may lead to information disclosure. This vulnerability does not impact the integrity or availability of the application.

SAP Information Disclosure SSRF
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

SAP NetWeaver Enterprise Portal Administration is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.

Deserialization SAP
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment.

Deserialization SAP Java
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

SAP Business Warehouse (Business Explorer Web) allows an attacker to create a malicious link. If an authenticated user clicks on this link, the injected script gets executed within the scope of victim�s browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted.

SAP XSS
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Due to a missing authorization check in SAP NetWeaver Application server for ABAP, an authenticated user with high privileges could exploit the insufficient validation of user permissions to access sensitive database tables. By leveraging overly permissive access configurations, unauthorized reading of critical data is possible, resulting in a significant impact on the confidentiality of the information stored. However, the integrity and availability of the system remain unaffected.

SAP Authentication Bypass
NVD
Prev Page 2 of 19 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy