Netweaver application server abap
This hub aggregates every CVE we track for Netweaver application server abap, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
86
CVEs tracked
10
Critical
17
High
1
In CISA KEV
Severity distribution
MEDIUM53HIGH17CRITICAL10LOW6
Monthly trend
0
2
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
4
1
3
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Netweaver application server abap.
- CVE-2026-27680CSS Injection vulnerability in SAP NetWeaver Application Server ABAP3.1
- CVE-2026-40135OS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform6.5
- CVE-2026-27682Reflected Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages)4.7
- CVE-2026-34257Open Redirect vulnerability in SAP NetWeaver Application Server ABAP6.1
- CVE-2026-27688Missing Authorization check in SAP NetWeaver Application Server for ABAP5.0
- CVE-2026-24316Server-Side Request Forgery (SSRF) in SAP NetWeaver Application Server for ABAP6.4
- CVE-2026-24310Missing Authorization check in SAP NetWeaver Application Server for ABAP3.5
- CVE-2026-24309Missing Authorization check in SAP NetWeaver Application Server for ABAP6.4
- CVE-2026-0488Code Injection vulnerability in SAP CRM and SAP S/4HANA (Scripting Editor)9.9
- CVE-2026-0506Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform8.1
- CVE-2024-41728Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform2.7
- CVE-2024-44114Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform2.0
- CVE-2024-41734Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform4.3
- CVE-2024-41732Improper Access Control in SAP Netweaver Application Server ABAP4.7
- CVE-2024-33001Denial of service (DOS) in SAP NetWeaver and ABAP platform6.5
Product normalization is registry-driven with AI assist and human review. How it works