Sap netweaver
This hub aggregates every CVE we track for Sap netweaver, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
66
CVEs tracked
11
Critical
16
High
5
In CISA KEV
Severity distribution
MEDIUM38HIGH16CRITICAL11LOW1
Monthly trend
0
0
0
0
0
0
0
0
1
3
1
2
4
0
3
0
0
1
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Sap netweaver.
- CVE-2025-42874Denial of service (DOS) in SAP NetWeaver (remote service for Xcelsius)7.9
- CVE-2025-42958Missing Authentication check in SAP NetWeaver9.1
- CVE-2025-42944Insecure Deserialization vulnerability in SAP Netweaver (RMI-P4)10.0
- CVE-2025-42911Missing Authorization check in SAP NetWeaver (Service Data Download)5.0
- CVE-2025-42986Missing Authorization check in SAP NetWeaver and ABAP Platform4.3
- CVE-2025-42974Missing Authorization Check in SAP NetWeaver and ABAP Platform (SDCCN)4.3
- CVE-2025-42968Missing Authorization check in SAP NetWeaver (RFC enabled function module)5.0
- CVE-2025-42966Insecure Deserialization vulnerability in SAP NetWeaver (XML Data Archiving Service)9.1
- CVE-2025-42977Directory Traversal vulnerability in SAP NetWeaver Visual Composer7.6
- CVE-2025-31325Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver (ABAP Keyword Documentation)5.8
- CVE-2025-42999Insecure Deserialization in SAP NetWeaver (Visual Composer development server)KEV9.1
- CVE-2025-31324Missing Authorization check in SAP NetWeaver (Visual Composer development server)KEV10.0
- CVE-2025-31331Authorization Bypass vulnerability in SAP NetWeaver4.3
- CVE-2025-30015Memory Corruption vulnerability in SAP NetWeaver and ABAP Platform (Application Server ABAP)4.1
- CVE-2025-26661Missing Authorization check in SAP NetWeaver (ABAP Class Builder)8.8
Product normalization is registry-driven with AI assist and human review. How it works