Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-24315 (GCVE-0-2026-24315)
Vulnerability from cvelistv5 – Published: 2026-06-09 00:19 – Updated: 2026-06-09 13:19- CWE-35 - Path Traversal
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP Fiori (launchpad) |
Affected:
SAP_UI 754
Affected: 755 Affected: 756 Affected: 757 Affected: 758 Affected: 816 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24315",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T13:19:37.560851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T13:19:44.991Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Fiori (launchpad)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_UI 754"
},
{
"status": "affected",
"version": "755"
},
{
"status": "affected",
"version": "756"
},
{
"status": "affected",
"version": "757"
},
{
"status": "affected",
"version": "758"
},
{
"status": "affected",
"version": "816"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system causing low impact on Confidentiality and Integrity. Availability of the system is no impacted.\u003c/p\u003e"
}
],
"value": "SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system causing low impact on Confidentiality and Integrity. Availability of the system is no impacted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T00:19:52.226Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3682699"
},
{
"url": "https://url.sap/sapsecuritypatchday"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Path Traversal Vulnerability in SAP Fiori (launchpad)",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2026-24315",
"datePublished": "2026-06-09T00:19:52.226Z",
"dateReserved": "2026-01-21T22:15:25.361Z",
"dateUpdated": "2026-06-09T13:19:44.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-24315",
"date": "2026-07-14",
"epss": "0.00174",
"percentile": "0.07049"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-24315\",\"sourceIdentifier\":\"cna@sap.com\",\"published\":\"2026-06-09T01:16:45.740\",\"lastModified\":\"2026-06-17T10:22:53.367\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system causing low impact on Confidentiality and Integrity. Availability of the system is no impacted.\"}],\"affected\":[{\"source\":\"cna@sap.com\",\"affectedData\":[{\"vendor\":\"SAP_SE\",\"product\":\"SAP Fiori (launchpad)\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"SAP_UI 754\",\"status\":\"affected\"},{\"version\":\"755\",\"status\":\"affected\"},{\"version\":\"756\",\"status\":\"affected\"},{\"version\":\"757\",\"status\":\"affected\"},{\"version\":\"758\",\"status\":\"affected\"},{\"version\":\"816\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cna@sap.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":4.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":2.5}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-06-09T13:19:37.560851Z\",\"id\":\"CVE-2026-24315\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"cna@sap.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-35\"}]}],\"references\":[{\"url\":\"https://me.sap.com/notes/3682699\",\"source\":\"cna@sap.com\"},{\"url\":\"https://url.sap/sapsecuritypatchday\",\"source\":\"cna@sap.com\"}]}}",
"redhat_vex": {
"current_release_date": "2026-06-10T02:59:16+00:00",
"cve": "CVE-2026-24315",
"id": "CVE-2026-24315",
"initial_release_date": "2026-01-01T00:00:00+00:00",
"product_status:known_not_affected": "1",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "Path Traversal Vulnerability in SAP Fiori (launchpad)",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24315.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-24315\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-09T13:19:37.560851Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-09T13:19:41.113Z\"}}], \"cna\": {\"title\": \"Path Traversal Vulnerability in SAP Fiori (launchpad)\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SAP_SE\", \"product\": \"SAP Fiori (launchpad)\", \"versions\": [{\"status\": \"affected\", \"version\": \"SAP_UI 754\"}, {\"status\": \"affected\", \"version\": \"755\"}, {\"status\": \"affected\", \"version\": \"756\"}, {\"status\": \"affected\", \"version\": \"757\"}, {\"status\": \"affected\", \"version\": \"758\"}, {\"status\": \"affected\", \"version\": \"816\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://me.sap.com/notes/3682699\"}, {\"url\": \"https://url.sap/sapsecuritypatchday\"}], \"x_generator\": {\"engine\": \"Vulnogram 1.0.2\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system causing low impact on Confidentiality and Integrity. Availability of the system is no impacted.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eSAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system causing low impact on Confidentiality and Integrity. Availability of the system is no impacted.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"eng\", \"type\": \"CWE\", \"cweId\": \"CWE-35\", \"description\": \"CWE-35: Path Traversal\"}]}], \"providerMetadata\": {\"orgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"shortName\": \"sap\", \"dateUpdated\": \"2026-06-09T00:19:52.226Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-24315\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-09T13:19:44.991Z\", \"dateReserved\": \"2026-01-21T22:15:25.361Z\", \"assignerOrgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"datePublished\": \"2026-06-09T00:19:52.226Z\", \"assignerShortName\": \"sap\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0715
Vulnerability from certfr_avis - Published: 2026-06-09 - Updated: 2026-06-09
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une injection SQL (SQLi), une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | BusinessObjects | Business Objects versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de sécurité | ||
| SAP | N/A | MDG (Review Match Groups Application) versions S4CORE 108, SAP_BASIS 916, SAP_BASIS 917 et SAP_ABA 816 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver | NetWeaver AS ABAP and ABAP Platform versions SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816, SAP_BASIS 918 et SAP_BASIS 919 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver | NetWeaver AS ABAP and ABAP Platform versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 722EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.16, 9.18 et 91.9 sans le dernier correctif de sécurité | ||
| SAP | N/A | ODP Data Replication APIs versions DW4CORE 200, 300, 400, PI_BASIS 2006_1_700, 701, 702, 731, 740, SAP_BW 750 et 816 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver | NetWeaver AS ABAP and ABAP Platform versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 et SAP_BASIS 816 sans le dernier correctif de sécurité | ||
| SAP | BusinessObjects | Business Objects Business Intelligence Platform versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver | NetWeaver AS Java (JDBC Test Servlet) version BI_UDI 7.50 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver | NetWeaver Application Server Java (Web Container) version ENGINEAPI 7.50 sans le dernier correctif de sécurité | ||
| SAP | Commerce Cloud | Commerce Cloud and Data Hub versions HY_COM 2205, HY_DHUB 2205, COM_CLOUD 2211, 2211-JDK21 et DHUB_CLOUD 2211 sans le dernier correctif de sécurité | ||
| SAP | Commerce Cloud | Commerce Cloud versions HY_COM 2205, COM_CLOUD 2211 et 2211-JDK21 sans le dernier correctif de sécurité | ||
| SAP | N/A | Fiori (launchpad) versions SAP_UI 754, 755, 756, 757, 758 et 816 sans le dernier correctif de sécurité | ||
| SAP | N/A | Wily Introscope Enterprise Manager version WILY_INTRO_ENTERPRISE 10.8 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver | NetWeaver AS Java versions SERVERCORE 7.50, CORE-TOOLS 7.50 et J2EE-APPS 7.50 sans le dernier correctif de sécurité | ||
| SAP | S/4HANA | S/4HANA versions S4FND 102, 103, 104, 105, 106, 107, 108 et 109 sans le dernier correctif de sécurité |
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Business Objects versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "BusinessObjects",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "MDG (Review Match Groups Application) versions S4CORE 108, SAP_BASIS 916, SAP_BASIS 917 et SAP_ABA 816 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS ABAP and ABAP Platform versions SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816, SAP_BASIS 918 et SAP_BASIS 919 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS ABAP and ABAP Platform versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 722EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.16, 9.18 et 91.9 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "ODP Data Replication APIs versions DW4CORE 200, 300, 400, PI_BASIS 2006_1_700, 701, 702, 731, 740, SAP_BW 750 et 816 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS ABAP and ABAP Platform versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 et SAP_BASIS 816 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Business Objects Business Intelligence Platform versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "BusinessObjects",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS Java (JDBC Test Servlet) version BI_UDI 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Application Server Java (Web Container) version ENGINEAPI 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Cloud and Data Hub versions HY_COM 2205, HY_DHUB 2205, COM_CLOUD 2211, 2211-JDK21 et DHUB_CLOUD 2211 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Commerce Cloud",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Cloud versions HY_COM 2205, COM_CLOUD 2211 et 2211-JDK21 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Commerce Cloud",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Fiori (launchpad) versions SAP_UI 754, 755, 756, 757, 758 et 816 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Wily Introscope Enterprise Manager version WILY_INTRO_ENTERPRISE 10.8 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS Java versions SERVERCORE 7.50, CORE-TOOLS 7.50 et J2EE-APPS 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4HANA versions S4FND 102, 103, 104, 105, 106, 107, 108 et 109 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-44746",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44746"
},
{
"name": "CVE-2026-44750",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44750"
},
{
"name": "CVE-2026-44743",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44743"
},
{
"name": "CVE-2026-44755",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44755"
},
{
"name": "CVE-2026-44754",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44754"
},
{
"name": "CVE-2026-29145",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29145"
},
{
"name": "CVE-2026-44751",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44751"
},
{
"name": "CVE-2026-44757",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44757"
},
{
"name": "CVE-2026-27671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27671"
},
{
"name": "CVE-2026-44744",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44744"
},
{
"name": "CVE-2026-44748",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44748"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2026-24315",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24315"
},
{
"name": "CVE-2026-22732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22732"
},
{
"name": "CVE-2026-40128",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40128"
}
],
"initial_release_date": "2026-06-09T00:00:00",
"last_revision_date": "2026-06-09T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0715",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une injection SQL (SQLi), une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SAP june-2026",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2026.html"
}
]
}
FKIE_CVE-2026-24315
Vulnerability from fkie_nvd - Published: 2026-06-09 01:16 - Updated: 2026-06-17 10:22| Vendor | Product | Version |
|---|
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "SAP Fiori (launchpad)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_UI 754"
},
{
"status": "affected",
"version": "755"
},
{
"status": "affected",
"version": "756"
},
{
"status": "affected",
"version": "757"
},
{
"status": "affected",
"version": "758"
},
{
"status": "affected",
"version": "816"
}
]
}
],
"source": "cna@sap.com"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system causing low impact on Confidentiality and Integrity. Availability of the system is no impacted."
}
],
"id": "CVE-2026-24315",
"lastModified": "2026-06-17T10:22:53.367",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-24315",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-09T13:19:37.560851Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-06-09T01:16:45.740",
"references": [
{
"source": "cna@sap.com",
"url": "https://me.sap.com/notes/3682699"
},
{
"source": "cna@sap.com",
"url": "https://url.sap/sapsecuritypatchday"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-35"
}
],
"source": "cna@sap.com",
"type": "Secondary"
}
]
}
GHSA-MQX2-HFFM-62VP
Vulnerability from github – Published: 2026-06-09 03:31 – Updated: 2026-06-09 03:31SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system causing low impact on Confidentiality and Integrity. Availability of the system is no impacted.
{
"affected": [],
"aliases": [
"CVE-2026-24315"
],
"database_specific": {
"cwe_ids": [
"CWE-35"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-09T01:16:45Z",
"severity": "MODERATE"
},
"details": "SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system causing low impact on Confidentiality and Integrity. Availability of the system is no impacted.",
"id": "GHSA-mqx2-hffm-62vp",
"modified": "2026-06-09T03:31:40Z",
"published": "2026-06-09T03:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24315"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3682699"
},
{
"type": "WEB",
"url": "https://url.sap/sapsecuritypatchday"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
NCSC-2026-0230
Vulnerability from csaf_ncscnl - Published: 2026-07-14 13:47 - Updated: 2026-07-14 13:47SAP NetWeaver Application Server ABAP contains a memory management logical error that can be exploited by an authenticated attacker to cause memory corruption, potentially compromising data confidentiality, integrity, and system availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
An HTTP Request Smuggling vulnerability in SAP Approuter enables unauthenticated attackers to cause request-response desynchronization, potentially exposing user data and disrupting system availability, affecting confidentiality and availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
SAP Commerce Cloud contains a sample OAuth2 client with publicly documented credentials, enabling unauthenticated attackers to obtain access tokens and manipulate data, compromising confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
A Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container) allows unauthenticated attackers to exploit crafted HTTP logon requests to manipulate file inclusion parameters and access or modify sensitive files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
Apache Camel's JMS components contain deserialization vulnerabilities allowing remote code execution via crafted ObjectMessages, affecting multiple versions including those used in SAP Integration Suite's Edge Integration Cell.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
SAProuter on Microsoft Windows suffers from a DLL Hijacking vulnerability that enables unauthenticated attackers to execute arbitrary code by loading malicious DLLs from untrusted locations, compromising system confidentiality, integrity, and availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
SAP NetWeaver Application Server Java, including its Configuration Wizard, is vulnerable to Cross-Site Scripting (XSS) attacks via crafted URLs that can execute malicious JavaScript, compromising session confidentiality and altering displayed data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
SAP Approuter contains vulnerabilities including an OAuth2 login flow flaw allowing unauthorized access via improper header validation and an Open Redirect issue, affecting confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
Multiple critical vulnerabilities in Apache Tomcat versions 9.0.0.M1 to 11.0.21, including digest authentication bypass, WebDAV unbounded request sizes, HTTP/2 header validation flaws, and authorization bypass, have been addressed in updates 9.0.118, 10.1.55, and 11.0.22.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
Multiple Apache Tomcat versions exhibit vulnerabilities including improper input validation, HTTP/2 header validation flaws, WebDAV request size issues, WebSocket authentication exposure, and authorization bypasses, with updates released to address these security concerns.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
Apache Tomcat versions 7.0.0 to 11.0.21 have multiple security vulnerabilities including improper authorization with multiple method constraints, digest authentication bypass, HTTP/2 header validation flaws, WebDAV request size issues, and case sensitivity problems in LockOutRealm, resolved in versions 9.0.118, 10.1.55, and 11.0.22.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
The SAP Change and Transport System Attach Tool (ctsattach) contains a remote code execution vulnerability due to insecure deserialization of specially crafted archive files, enabling authenticated attackers to compromise system integrity and confidentiality.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
SAP NetWeaver Enterprise Portal is affected by a reflected Cross Site Scripting (XSS) vulnerability via URL parameters, enabling attackers to execute malicious scripts that may compromise session data and manipulate portal content.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
The setThemeRoot() function contains a vulnerability that bypasses the sap-allowed-theme-origins allowlist, enabling attackers to perform cross-origin CSS injection via attacker-controlled URLs or parameters, resulting in UI redressing, phishing, and limited data exfiltration.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
SAP S/4HANA Project Management (PPM-PRO) contains an SQL Injection vulnerability that allows high-privilege attackers to execute crafted database queries, resulting in low confidentiality impact without affecting integrity or availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
A Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP's Business Server Pages framework allows arbitrary JavaScript injection, risking session theft and unauthorized user actions with limited impact on confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
The SAP S/4HANA Draft operation contains a missing authorization check, allowing unauthorized users to access sensitive information and potentially escalate privileges, affecting confidentiality but not integrity or availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
The SAP S/4 HANA Create Single Payment function lacks necessary authorization checks, allowing unauthorized users to access certain entity set keys and potentially disclose sensitive information, affecting confidentiality.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
SAP Fiori Launchpad is susceptible to malicious URL attacks that can lead to credential theft and account compromise, requiring advanced system knowledge and posing low risk to confidentiality and integrity without impacting availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
SAP CRM WebClient UI is affected by a security misconfiguration that allows script injection due to missing Content Security Policy directives, impacting application integrity without affecting confidentiality or availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
SAP HANA Database and Extended Application Services classic model (User Self Service) contain vulnerabilities that allow unauthenticated attackers to enumerate valid user accounts and email addresses, leading to information disclosure affecting confidentiality.
CWE-204 - Observable Response Discrepancy| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
Apache Log4j Core versions 2.0-beta9 through 2.25.2 have a critical vulnerability in the Socket Appender due to missing TLS hostname verification, enabling man-in-the-middle attacks, affecting multiple vendors including Oracle, IBM, NetApp, and SAP.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
Multiple critical vulnerabilities in Apache Camel, including CVE-2025-27636, allow remote code execution and arbitrary file write via case-variant header injection, while HPE Telco NFV Orchestrator also contains exploitable security flaws.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
Apache Camel's Camel-Mail component and SAP Integration Suite's Edge Integration Cell contain vulnerabilities allowing attackers to inject malicious headers that can alter route behavior and application components.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
SAP / CRM WebClient UI
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Change and Transport System Attach Tool
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / HANA Database
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Application Server Java
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / S4 HANA
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Commerce Cloud
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Application Server ABAP
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP NetWeaver Enterprise Portal
|
vers:unknown/* | ||
|
vers:unknown/*
SAP / SAP Software
|
vers:unknown/* |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "SAP heeft kwetsbaarheden verholpen in SAP NetWeaver Application Server ABAP, SAP Approuter, SAP Commerce Cloud, SAP NetWeaver Application Server Java, SAProuter, SAP Change and Transport System Attach Tool, SAP NetWeaver Enterprise Portal, SAP S/4HANA modules, SAP Fiori Launchpad, SAP CRM WebClient UI, SAP HANA Database user self service tools, en SAP Commerce Cloud.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden betreffen diverse beveiligingsproblemen zoals:\n- geheugenbeschadiging in SAP NetWeaver Application Server ABAP\n- HTTP Request Smuggling in SAP Approuter\n- onveilige OAuth2-sample credentials in SAP Commerce Cloud\n- directory traversal in SAP NetWeaver Application Server Java\n- DLL hijacking in SAProuter op Windows.\n- Verder zijn er Cross-Site Scripting (XSS) kwetsbaarheden in SAP NetWeaver Application Server Java en Enterprise Portal en ontbrekende autorisatiecontroles in SAP S/4HANA modules.\n- SAP Change and Transport System Attach Tool is kwetsbaar voor remote code execution door onveilige deserialisatie.\n- SAP HANA user self service tools maken informatieoverdracht mogelijk zonder authenticatie.\n\nDe kwetsbaarheden kunnen leiden tot ongeautoriseerde toegang, manipulatie van data, informatielekken, en verstoring van de beschikbaarheid. Sommige kwetsbaarheden vereisen authenticatie, andere kunnen door onbevoegden worden misbruikt. Diverse kwetsbaarheden zijn specifiek voor componenten die binnen SAP-omgevingen worden gebruikt, zoals Apache Camel binnen de SAP Integration Suite en Apache Tomcat binnen SAP Commerce Cloud.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "SAP heeft updates uitgebracht om de genoemde kwetsbaarheden te verhelpen. Gebruikers van de getroffen SAP-producten wordt geadviseerd deze updates te installeren om de beveiligingsproblemen te mitigeren. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"title": "Kwetsbaarheden verholpen in SAP-producten",
"tracking": {
"current_release_date": "2026-07-14T13:47:14.712870Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0230",
"initial_release_date": "2026-07-14T13:47:14.712870Z",
"revision_history": [
{
"date": "2026-07-14T13:47:14.712870Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "CRM WebClient UI"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Change and Transport System Attach Tool"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Commerce Cloud"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "HANA Database"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "NetWeaver Application Server ABAP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "NetWeaver Application Server Java"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "NetWeaver Enterprise Portal"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "S4 HANA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "SAP Commerce Cloud"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "SAP NetWeaver Application Server ABAP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "SAP NetWeaver Enterprise Portal"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-12"
}
}
],
"category": "product_name",
"name": "SAP Software"
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44747",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "SAP NetWeaver Application Server ABAP contains a memory management logical error that can be exploited by an authenticated attacker to cause memory corruption, potentially compromising data confidentiality, integrity, and system availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44747 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44747.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44747"
},
{
"cve": "CVE-2026-27690",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "description",
"text": "An HTTP Request Smuggling vulnerability in SAP Approuter enables unauthenticated attackers to cause request-response desynchronization, potentially exposing user data and disrupting system availability, affecting confidentiality and availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-27690 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-27690.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-27690"
},
{
"cve": "CVE-2026-44761",
"cwe": {
"id": "CWE-1392",
"name": "Use of Default Credentials"
},
"notes": [
{
"category": "other",
"text": "Use of Default Credentials",
"title": "CWE-1392"
},
{
"category": "description",
"text": "SAP Commerce Cloud contains a sample OAuth2 client with publicly documented credentials, enabling unauthenticated attackers to obtain access tokens and manipulate data, compromising confidentiality and integrity.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44761 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44761.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44761"
},
{
"cve": "CVE-2026-40128",
"cwe": {
"id": "CWE-35",
"name": "Path Traversal: \u0027.../...//\u0027"
},
"notes": [
{
"category": "other",
"text": "Path Traversal: \u0027.../...//\u0027",
"title": "CWE-35"
},
{
"category": "description",
"text": "A Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container) allows unauthenticated attackers to exploit crafted HTTP logon requests to manipulate file inclusion parameters and access or modify sensitive files.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40128 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40128.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-40128"
},
{
"cve": "CVE-2026-40860",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "description",
"text": "Apache Camel\u0027s JMS components contain deserialization vulnerabilities allowing remote code execution via crafted ObjectMessages, affecting multiple versions including those used in SAP Integration Suite\u0027s Edge Integration Cell.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40860 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40860.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-40860"
},
{
"cve": "CVE-2026-0487",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "description",
"text": "SAProuter on Microsoft Windows suffers from a DLL Hijacking vulnerability that enables unauthenticated attackers to execute arbitrary code by loading malicious DLLs from untrusted locations, compromising system confidentiality, integrity, and availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-0487 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-0487"
},
{
"cve": "CVE-2026-44752",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "description",
"text": "SAP NetWeaver Application Server Java, including its Configuration Wizard, is vulnerable to Cross-Site Scripting (XSS) attacks via crafted URLs that can execute malicious JavaScript, compromising session confidentiality and altering displayed data.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44752 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44752.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44752"
},
{
"cve": "CVE-2026-44745",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "other",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
},
{
"category": "description",
"text": "SAP Approuter contains vulnerabilities including an OAuth2 login flow flaw allowing unauthorized access via improper header validation and an Open Redirect issue, affecting confidentiality and integrity.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44745 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44745.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44745"
},
{
"cve": "CVE-2026-43512",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"notes": [
{
"category": "other",
"text": "Incorrect Implementation of Authentication Algorithm",
"title": "CWE-303"
},
{
"category": "description",
"text": "Multiple critical vulnerabilities in Apache Tomcat versions 9.0.0.M1 to 11.0.21, including digest authentication bypass, WebDAV unbounded request sizes, HTTP/2 header validation flaws, and authorization bypass, have been addressed in updates 9.0.118, 10.1.55, and 11.0.22.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-43512 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43512.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-43512"
},
{
"cve": "CVE-2026-41293",
"notes": [
{
"category": "description",
"text": "Multiple Apache Tomcat versions exhibit vulnerabilities including improper input validation, HTTP/2 header validation flaws, WebDAV request size issues, WebSocket authentication exposure, and authorization bypasses, with updates released to address these security concerns.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-41293 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-41293.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-41293"
},
{
"cve": "CVE-2026-43515",
"notes": [
{
"category": "description",
"text": "Apache Tomcat versions 7.0.0 to 11.0.21 have multiple security vulnerabilities including improper authorization with multiple method constraints, digest authentication bypass, HTTP/2 header validation flaws, WebDAV request size issues, and case sensitivity problems in LockOutRealm, resolved in versions 9.0.118, 10.1.55, and 11.0.22.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-43515 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43515.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-43515"
},
{
"cve": "CVE-2026-58233",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "description",
"text": "The SAP Change and Transport System Attach Tool (ctsattach) contains a remote code execution vulnerability due to insecure deserialization of specially crafted archive files, enabling authenticated attackers to compromise system integrity and confidentiality.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-58233 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-58233.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-58233"
},
{
"cve": "CVE-2026-44759",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "description",
"text": "SAP NetWeaver Enterprise Portal is affected by a reflected Cross Site Scripting (XSS) vulnerability via URL parameters, enabling attackers to execute malicious scripts that may compromise session data and manipulate portal content.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44759 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44759.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44759"
},
{
"cve": "CVE-2026-44767",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "description",
"text": "The setThemeRoot() function contains a vulnerability that bypasses the sap-allowed-theme-origins allowlist, enabling attackers to perform cross-origin CSS injection via attacker-controlled URLs or parameters, resulting in UI redressing, phishing, and limited data exfiltration.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44767 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44767.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44767"
},
{
"cve": "CVE-2026-44769",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"title": "CWE-89"
},
{
"category": "description",
"text": "SAP S/4HANA Project Management (PPM-PRO) contains an SQL Injection vulnerability that allows high-privilege attackers to execute crafted database queries, resulting in low confidentiality impact without affecting integrity or availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44769 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44769.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44769"
},
{
"cve": "CVE-2026-44760",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "description",
"text": "A Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP\u0027s Business Server Pages framework allows arbitrary JavaScript injection, risking session theft and unauthorized user actions with limited impact on confidentiality and integrity.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44760 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44760"
},
{
"cve": "CVE-2026-44771",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "description",
"text": "The SAP S/4HANA Draft operation contains a missing authorization check, allowing unauthorized users to access sensitive information and potentially escalate privileges, affecting confidentiality but not integrity or availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44771 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44771.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44771"
},
{
"cve": "CVE-2026-44770",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "description",
"text": "The SAP S/4 HANA Create Single Payment function lacks necessary authorization checks, allowing unauthorized users to access certain entity set keys and potentially disclose sensitive information, affecting confidentiality.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44770 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44770.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44770"
},
{
"cve": "CVE-2026-24315",
"cwe": {
"id": "CWE-35",
"name": "Path Traversal: \u0027.../...//\u0027"
},
"notes": [
{
"category": "other",
"text": "Path Traversal: \u0027.../...//\u0027",
"title": "CWE-35"
},
{
"category": "description",
"text": "SAP Fiori Launchpad is susceptible to malicious URL attacks that can lead to credential theft and account compromise, requiring advanced system knowledge and posing low risk to confidentiality and integrity without impacting availability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24315 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24315.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-24315"
},
{
"cve": "CVE-2026-44768",
"cwe": {
"id": "CWE-15",
"name": "External Control of System or Configuration Setting"
},
"notes": [
{
"category": "other",
"text": "External Control of System or Configuration Setting",
"title": "CWE-15"
},
{
"category": "description",
"text": "SAP CRM WebClient UI is affected by a security misconfiguration that allows script injection due to missing Content Security Policy directives, impacting application integrity without affecting confidentiality or availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44768 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44768.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44768"
},
{
"cve": "CVE-2026-44753",
"cwe": {
"id": "CWE-204",
"name": "Observable Response Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Response Discrepancy",
"title": "CWE-204"
},
{
"category": "description",
"text": "SAP HANA Database and Extended Application Services classic model (User Self Service) contain vulnerabilities that allow unauthenticated attackers to enumerate valid user accounts and email addresses, leading to information disclosure affecting confidentiality.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-44753 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-44753.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-44753"
},
{
"cve": "CVE-2025-68161",
"cwe": {
"id": "CWE-297",
"name": "Improper Validation of Certificate with Host Mismatch"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Certificate with Host Mismatch",
"title": "CWE-297"
},
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "description",
"text": "Apache Log4j Core versions 2.0-beta9 through 2.25.2 have a critical vulnerability in the Socket Appender due to missing TLS hostname verification, enabling man-in-the-middle attacks, affecting multiple vendors including Oracle, IBM, NetApp, and SAP.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-68161 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-68161.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2025-68161"
},
{
"cve": "CVE-2026-40453",
"cwe": {
"id": "CWE-178",
"name": "Improper Handling of Case Sensitivity"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "description",
"text": "Multiple critical vulnerabilities in Apache Camel, including CVE-2025-27636, allow remote code execution and arbitrary file write via case-variant header injection, while HPE Telco NFV Orchestrator also contains exploitable security flaws.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40453 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40453.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-40453"
},
{
"cve": "CVE-2026-33454",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Use of Validation Framework",
"title": "CWE-1173"
},
{
"category": "description",
"text": "Apache Camel\u0027s Camel-Mail component and SAP Integration Suite\u0027s Edge Integration Cell contain vulnerabilities allowing attackers to inject malicious headers that can alter route behavior and application components.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33454 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33454.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12"
]
}
],
"title": "CVE-2026-33454"
}
]
}
WID-SEC-W-2026-1831
Vulnerability from csaf_certbund - Published: 2026-06-08 22:00 - Updated: 2026-06-08 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und SQL-Injection-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder andere nicht n\u00e4her spezifizierte Auswirkungen auszul\u00f6sen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1831 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1831.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1831 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1831"
},
{
"category": "external",
"summary": "SAP PAtchday Juni 2026 vom 2026-06-08",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2026.html"
}
],
"source_lang": "en-US",
"title": "SAP Patchday Juni 2026: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-08T22:00:00.000+00:00",
"generator": {
"date": "2026-06-09T11:01:02.106+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1831",
"initial_release_date": "2026-06-08T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-06-08T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T055059",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-66614",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2025-66614"
},
{
"cve": "CVE-2025-68161",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2025-68161"
},
{
"cve": "CVE-2026-22732",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-22732"
},
{
"cve": "CVE-2026-24315",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-24315"
},
{
"cve": "CVE-2026-24734",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-24734"
},
{
"cve": "CVE-2026-27671",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-27671"
},
{
"cve": "CVE-2026-29145",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-29145"
},
{
"cve": "CVE-2026-40128",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-40128"
},
{
"cve": "CVE-2026-44743",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-44743"
},
{
"cve": "CVE-2026-44744",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-44744"
},
{
"cve": "CVE-2026-44746",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-44746"
},
{
"cve": "CVE-2026-44748",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-44748"
},
{
"cve": "CVE-2026-44750",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-44750"
},
{
"cve": "CVE-2026-44751",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-44751"
},
{
"cve": "CVE-2026-44754",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-44754"
},
{
"cve": "CVE-2026-44755",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-44755"
},
{
"cve": "CVE-2026-44757",
"product_status": {
"known_affected": [
"T055059"
]
},
"release_date": "2026-06-08T22:00:00.000+00:00",
"title": "CVE-2026-44757"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.