Sap s/4hana

This hub aggregates every CVE we track for Sap s/4hana, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Sap s/4hana.

• CVE-2026-44744SQL Injection vulnerability in SAP S/4HANA6.5Jun 9, 2026
• CVE-2026-34260SQL injection vulnerability in SAP S/4HANA (SAP Enterprise Search for ABAP)9.6May 12, 2026
• CVE-2026-34256Missing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise)7.1Apr 14, 2026
• CVE-2026-27677Missing Authorization check in SAP S/4HANA OData Service (Manage Reference Equipment)6.5Apr 14, 2026
• CVE-2026-0488Code Injection vulnerability in SAP CRM and SAP S/4HANA (Scripting Editor)9.9Feb 10, 2026
• CVE-2026-0501SQL Injection Vulnerability in SAP S/4HANA Private Cloud and On-Premise (Financials � General Ledger)9.9Jan 13, 2026
• CVE-2026-0498Code Injection vulnerability in SAP S/4HANA (Private Cloud and On-Premise)9.1Jan 13, 2026
• CVE-2025-42924Open Redirect vulnerabilities in SAP S/4HANA landscape (SAP E-Recruiting BSP)6.1Nov 11, 2025
• CVE-2025-42957Code Injection vulnerability in SAP S/4HANA (Private Cloud or On-Premise)9.9Aug 12, 2025
• CVE-2025-42946Directory Traversal vulnerability in SAP S/4HANA (Bank Communication Management)6.9Aug 12, 2025
• CVE-2025-42934CRLF Injection vulnerability in SAP S/4HANA (Supplier invoice)4.3Aug 12, 2025
• CVE-2025-42967Code Injection vulnerability in SAP S/4HANA and SAP SCM (Characteristic Propagation)9.9Jul 8, 2025
• CVE-2025-42993Missing Authorization Check in SAP S/4HANA (Enterprise Event Enablement)6.7Jun 10, 2025
• CVE-2025-42991Missing Authorization check in SAP S/4HANA (Bank Account Application)4.3Jun 10, 2025
• CVE-2025-42987Missing Authorization Check in SAP S/4HANA (Manage Processing Rules - For Bank Statement)4.3Jun 10, 2025