SAP vendor summary (KEV = listed in the CISA Known Exploited Vulnerabilities catalog; PoC = public proof-of-concept exploit; C/H = Critical/High; EPSS = Exploit Prediction Scoring System probability):

| Metric | Value |
|---|---|
| CVEs | 73 |
| Critical | 8 |
| High | 11 |
| KEV | 0 |
| PoC | 0 |
| Unpatched Critical/High | 16 |
| Patch Rate | 5.5% |
| Avg EPSS | 0.1% |

With no KEV entries, no public PoC and an average EPSS of 0.1%, prioritisation for this set is driven by severity and patch availability rather than by observed exploitation.
Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 8 |
| HIGH | 11 |
| MEDIUM | 49 |
| LOW | 5 |
Monthly CVE Trend
Affected Products (30)

The dashboard's tag list mixes product names with weakness classes (Deserialization, Open Redirect, Command Injection, Memory Corruption, Race Condition); the counts are CVEs carrying each tag, so one CVE can appear under several tags.

| Tag | CVEs |
|---|---|
| Java | 18 |
| SAP Basis | 13 |
| Deserialization | 9 |
| Open Redirect | 8 |
| BusinessObjects Business Intelligence Platform | 8 |
| Command Injection | 8 |
| Windows | 7 |
| Supplier Relationship Management | 7 |
| NetWeaver | 5 |
| Memory Corruption | 5 |
| Business Connector | 5 |
| Solution Tools Plug-In | 3 |
| Commerce Cloud | 2 |
| NetWeaver Application Server ABAP | 2 |
| Docker | 2 |
| Industrial | 2 |
| PostgreSQL | 2 |
| Introscope Enterprise Manager | 1 |
| NetWeaver AS ABAP Kernel | 1 |
| OpenSSL | 1 |
| LT Replication Server | 1 |
| NetWeaver AS ABAP KRNL64UC | 1 |
| S/4HANA Finance | 1 |
| Business Server Pages | 1 |
| BusinessObjects Enterprise | 1 |
| Node.js | 1 |
| GUI Connector | 1 |
| Race Condition | 1 |
| NetWeaver AS ABAP KRNL64NUC | 1 |
| Strategic Enterprise Management | 1 |
Top Risky CVEs
The table lists 15 of the 19 Critical and High CVEs counted above. EPSS is the probability of exploitation in the wild over the next 30 days; Priority is the dashboard's own composite score, whose formula is not given on this page; Signals flags rows for which the dashboard lists no vendor patch. Note that three of the unpatched rows (CVE-2026-0501, CVE-2026-0488, CVE-2026-0509) are authenticated-user attacks against core S/4HANA and NetWeaver ABAP, so compensating controls there mean tightening RFC and function-module authorizations, not waiting for a note.

| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-0501 | SAP S/4HANA General Ledger (Private Cloud and On-Premise) has a SQL injection that allows authenticated users to read, modify, and delete backend database data, with scope change (CVSS 9.9). Financial data is directly at risk. | CRITICAL | 9.9 | 0.1% | 50 | No patch |
| CVE-2026-0488 | Unauthorized code execution in SAP CRM and SAP S/4HANA Scripting Editor: an authenticated attacker abuses a generic function module call to execute unauthorized ABAP code (CVSS 9.9). | CRITICAL | 9.9 | 0.0% | 50 | No patch |
| CVE-2026-0500 | SAP Wily Introscope Enterprise Manager uses a vulnerable third-party component that lets unauthenticated attackers create malicious JNLP files at public URLs; victims who open these URLs execute OS commands on their own machines. Scope change. Patch available. | CRITICAL | 9.6 | 0.1% | 48 | |
| CVE-2026-0509 | Unauthorized Remote Function Call execution in SAP NetWeaver ABAP: low-privileged users can execute background RFCs without proper authorization checks (CVSS 9.6). | CRITICAL | 9.6 | 0.0% | 48 | No patch |
| CVE-2026-0498 | SAP S/4HANA (Private Cloud and On-Premise) has the same backdoor vulnerability as CVE-2026-0491: admin-exploitable ABAP/OS command injection via an RFC function module. Patch available. | CRITICAL | 9.1 | 0.1% | 46 | |
| CVE-2026-0491 | SAP Landscape Transformation has an admin-exploitable backdoor via an RFC function module that allows injection of arbitrary ABAP code and OS commands, bypassing authorization checks. Scope change enables full SAP system compromise. | CRITICAL | 9.1 | 0.1% | 46 | No patch |
| CVE-2026-27685 | SAP NetWeaver Enterprise Portal Administration has an insecure deserialization vulnerability that allows privileged users to execute code through uploaded files. | CRITICAL | 9.1 | 0.0% | 46 | No patch |
| CVE-2026-0492 | SAP HANA Database versions up to 2.00 are affected by missing authentication for a critical function (CVSS 8.8). | HIGH | 8.8 | 0.1% | 44 | |
| CVE-2026-23687 | SAP Basis versions up to 700 are affected by improper verification of a cryptographic signature (CVSS 8.8). | HIGH | 8.8 | 0.0% | 44 | No patch |
| CVE-2026-0507 | SAP Application Server for ABAP and NetWeaver RFCSDK contain an OS command injection vulnerability that allows authenticated administrators with adjacent network access to execute arbitrary system commands by uploading malicious content. Successful exploitation results in complete system compromise (confidentiality, integrity, and availability). No patch is currently available. | HIGH | 8.4 | 1.4% | 43 | No patch |
| CVE-2026-0511 | The SAP Fiori app Intercompany Balance Reconciliation fails to enforce proper authorization controls, allowing authenticated users to escalate privileges and access or modify financial reconciliation data they should not be able to view. No patch is currently available. | HIGH | 8.1 | 0.0% | 41 | No patch |
| CVE-2026-24322 | Authenticated users of SAP Solution Tools Plug-In (ST-PI) can read sensitive information through a function module that lacks proper authorization checks, disclosing confidential data without additional privileges. Any user with basic authentication to an affected system is in scope, and the missing checks permit lateral data exposure across the application. | HIGH | 7.7 | 0.0% | 39 | No patch |
| CVE-2026-0490 | SAP BusinessObjects Business Intelligence Platform versions up to 430 are affected by missing authorization (CVSS 7.5). | HIGH | 7.5 | 0.1% | 38 | No patch |
| CVE-2026-0485 | SAP BusinessObjects Business Intelligence Platform versions up to 430 contain a vulnerability for which this page gives no weakness class (CVSS 7.5). | HIGH | 7.5 | 0.1% | 38 | No patch |
| CVE-2026-0508 | SAP BusinessObjects Business Intelligence Platform versions up to 430 are affected by URL redirection to an untrusted site (open redirect) (CVSS 7.3). | HIGH | 7.3 | 0.0% | 37 | No patch |
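A triage helper for a table in this shape, added here as an example and not part of the dashboard or of any SAP tooling. It parses the pipe-delimited rows, reproduces the tile-style rollups (Critical/High count, unpatched Critical/High, patch rate), orders rows so that unpatched issues come first and higher CVSS and EPSS break ties, flags rows whose EPSS is well above the page's 0.1% average, and picks out summaries that cite a sibling CVE (as CVE-2026-0498 cites CVE-2026-0491) so related fixes are tracked together. The sample rows are constructed by abbreviating five rows from the table above; the ordering rule and the "treat an empty Signals cell as patched" assumption are this example's, not the dashboard's Priority formula, which the page does not give.

```python
"""Triage helper for a 'Top Risky CVEs' markdown table (added example)."""
import re
from dataclasses import dataclass

# Constructed sample input: five rows abbreviated from the table above, with
# the Signals column joined onto the row.  CVSS, EPSS and Priority values are
# as listed on the page; summaries are shortened.
SAMPLE_TABLE = """\
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-0501 | SAP S/4HANA General Ledger SQL injection, authenticated, scope change. | CRITICAL | 9.9 | 0.1% | 50 | No patch |
| CVE-2026-0500 | SAP Wily Introscope: unauthenticated creation of malicious JNLP files. Patch available. | CRITICAL | 9.6 | 0.1% | 48 | |
| CVE-2026-0498 | SAP S/4HANA: same ABAP/OS command injection as CVE-2026-0491. Patch available. | CRITICAL | 9.1 | 0.1% | 46 | |
| CVE-2026-0507 | SAP AS ABAP and RFCSDK OS command injection by authenticated administrators. | HIGH | 8.4 | 1.4% | 43 | No patch |
| CVE-2026-0508 | SAP BusinessObjects BI Platform open redirect. | HIGH | 7.3 | 0.0% | 37 | No patch |
"""

CVE_ID = re.compile(r"CVE-\d{4}-\d{4,}")
PAGE_AVG_EPSS = 0.001  # the 0.1% "Avg EPSS" tile, as a fraction


@dataclass
class CveRow:
    cve: str
    summary: str
    severity: str
    cvss: float
    epss: float       # probability as a fraction: "1.4%" -> 0.014
    priority: int
    unpatched: bool   # True when the Signals cell says "No patch"


def parse_table(text: str) -> list[CveRow]:
    """Parse rows whose first cell is a CVE id; header/separator lines are skipped."""
    rows = []
    for line in text.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 7 or not CVE_ID.fullmatch(cells[0]):
            continue
        cve, summary, severity, cvss, epss, priority, signals = cells
        rows.append(CveRow(
            cve=cve,
            summary=summary,
            severity=severity.upper(),
            cvss=float(cvss),
            epss=float(epss.rstrip("%")) / 100.0,
            priority=int(priority),
            # Assumption: an empty Signals cell means a patch exists.  On the
            # page that holds only where the summary says "Patch available".
            unpatched="no patch" in signals.lower(),
        ))
    return rows


def rollup(rows: list[CveRow]) -> dict:
    """Tile-style counts: Critical/High, unpatched Critical/High, patch rate (%)."""
    ch = [r for r in rows if r.severity in ("CRITICAL", "HIGH")]
    patched = [r for r in rows if not r.unpatched]
    return {
        "critical_high": len(ch),
        "unpatched_critical_high": sum(1 for r in ch if r.unpatched),
        "patch_rate_pct": round(100.0 * len(patched) / len(rows), 1) if rows else 0.0,
    }


def triage_order(rows: list[CveRow]) -> list[CveRow]:
    """Unpatched first (they need compensating controls rather than a patch run),
    then higher CVSS, then higher EPSS.  This ordering is the example's own rule."""
    return sorted(rows, key=lambda r: (not r.unpatched, -r.cvss, -r.epss))


def above_epss_baseline(rows: list[CveRow], baseline: float = PAGE_AVG_EPSS) -> list[str]:
    """CVE ids whose EPSS is at least twice the baseline (exploit pressure outliers)."""
    return [r.cve for r in rows if r.epss >= 2 * baseline]


def related_cves(rows: list[CveRow]) -> dict[str, list[str]]:
    """Map a CVE to the other CVE ids its summary cites, so sibling fixes ship together."""
    out = {}
    for r in rows:
        refs = [c for c in CVE_ID.findall(r.summary) if c != r.cve]
        if refs:
            out[r.cve] = refs
    return out


if __name__ == "__main__":
    rows = parse_table(SAMPLE_TABLE)
    print(rollup(rows))
    for r in triage_order(rows):
        flag = "NO PATCH" if r.unpatched else "patched "
        print(f"{flag}  {r.cve}  CVSS {r.cvss:.1f}  EPSS {r.epss:.1%}  {r.summary}")
    print("EPSS outliers:", above_epss_baseline(rows))
    print("related:", related_cves(rows))
```

On the sample, CVE-2026-0507 is the only EPSS outlier (1.4% against a 0.1% page average) and lands second in the triage order behind the unpatched CVSS 9.9 SQL injection; the two rows with patches available sort last because they can be closed by applying the vendor correction rather than by compensating controls.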