Sap commerce cloud
This hub aggregates every CVE we track for Sap commerce cloud, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
21
CVEs tracked
4
Critical
4
High
1
In CISA KEV
Severity distribution
MEDIUM12HIGH4CRITICAL4LOW1
Monthly trend
2
0
0
0
1
0
0
0
2
0
0
0
0
0
1
0
0
0
2
0
0
1
0
1
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Sap commerce cloud.
- CVE-2026-44761Insecure Sample Credentials in SAP Commerce Cloud9.1
- CVE-2026-34263Missing authentication check in SAP Commerce cloud configuration9.6
- CVE-2026-24321Information Disclosure vulnerability in SAP Commerce Cloud5.3
- CVE-2026-23684Race condition vulnerability in SAP Commerce Cloud5.9
- CVE-2025-42906Directory Traversal vulnerability in SAP Commerce Cloud5.3
- CVE-2025-27435Information Disclosure Vulnerability in SAP Commerce Cloud4.2
- CVE-2025-26654Potential information disclosure vulnerability in SAP Commerce Cloud (Public Cloud)6.8
- CVE-2024-47577Information Disclosure vulnerability in SAP Commerce Cloud2.7
- CVE-2024-41733Information Disclosure Vulnerability in SAP Commerce5.3
- CVE-2024-33003Information Disclosure Vulnerability in SAP Commerce Cloud7.4
- CVE-2023-42481Improper Access Control vulnerability in SAP Commerce Cloud8.1
- CVE-2023-37486Information Disclosure vulnerability in SAP Commerce (OCC API)5.9
- CVE-2021-33666When SAP Commerce Cloud version 100, hosts a JavaScript storefront, it is vulnerable to MIME sniffing, which, in certain circumstances, could be used to facilitate an XSS attack or malware prolifer...6.1
- CVE-2021-21477SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required privileges to edit drools rules, an authenticated attacker with this privilege will be able to inject ma...9.9
- CVE-2021-21445SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated attacker to include invalidated data in the HTTP response Content Type header, due to improper input validation,...5.4
Product normalization is registry-driven with AI assist and human review. How it works