sap

Top products

The 15 most recently published vulnerabilities affecting sap.

• CVE-2026-27680CSS Injection vulnerability in SAP NetWeaver Application Server ABAP3.1May 14, 2026
• CVE-2026-40135OS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform6.5May 12, 2026
• CVE-2026-34263Missing authentication check in SAP Commerce cloud configuration9.6May 12, 2026
• CVE-2026-34260SQL injection vulnerability in SAP S/4HANA (SAP Enterprise Search for ABAP)9.6May 12, 2026
• CVE-2026-27682Reflected Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages)4.7May 12, 2026
• CVE-2026-34264Information Disclosure vulnerability in SAP Human Capital Management for SAP S/4HANA6.5Apr 14, 2026
• CVE-2026-34262Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer5.0Apr 14, 2026
• CVE-2026-34261Missing Authorization check in SAP Business Analytics and SAP Content Management6.5Apr 14, 2026
• CVE-2026-34257Open Redirect vulnerability in SAP NetWeaver Application Server ABAP6.1Apr 14, 2026
• CVE-2026-34256Missing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise)7.1Apr 14, 2026
• CVE-2026-27681SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse9.9Apr 14, 2026
• CVE-2026-27679Missing Authorization check in SAP S/4HANA Frontend OData Service (Manage Reference Structures)6.5Apr 14, 2026
• CVE-2026-27677Missing Authorization check in SAP S/4HANA OData Service (Manage Reference Equipment)6.5Apr 14, 2026
• CVE-2026-27674Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java)6.1Apr 14, 2026
• CVE-2026-0512Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)6.1Apr 14, 2026