SAP Netweaver Vulnerabilities

Sap Netweaver vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

9 June 2026

Authorization Flaw in SAP ABAP Application Server Allows Privilege Escalation
CVE-2026-44751
SAPSAP Netweaver As Abap ...7.1HIGH
Authentication Bypass Vulnerability in SAP NetWeaver Application Server
CVE-2026-44748
SAPSAP Netweaver As Abap ...👾📰9.9CRITICAL
Reflected Cross-Site Scripting Vulnerability in SAP NetWeaver JAVA
CVE-2026-44746
SAPSAP Netweaver As Java ...6.1MEDIUM
Path Traversal Vulnerability in SAP NetWeaver Application Server Java
CVE-2026-40128
SAPSAP Netweaver Applicat...9CRITICAL
Improper RFC Protocol Validation in SAP Kernel Affects SAP NetWeaver and ABAP Platform
CVE-2026-27671
SAPSAP Netweaver As Abap ...9.8CRITICAL

14 May 2026

Improper Input Handling Vulnerability in SAP NetWeaver Application Server ABAP
CVE-2026-27680
SAPSAP Netweaver Applicat...3.1LOW

12 May 2026

OS Command Injection Vulnerability in SAP NetWeaver Application Server for ABAP
CVE-2026-40135
SAPSAP Netweaver Applicat...6.5MEDIUM
Code Injection Vulnerability in SAP Application Server ABAP for SAP NetWeaver
CVE-2026-40129
SAPSAP Application Server...4.3MEDIUM
Reflected Cross-Site Scripting Vulnerability in SAP NetWeaver Application Server ABAP
CVE-2026-27682
SAPSAP Netweaver Applicat...4.7MEDIUM

14 April 2026

Open Redirect Vulnerability in SAP NetWeaver Application Server ABAP
CVE-2026-34257
SAPSAP Netweaver Applicat...6.1MEDIUM
Code Injection Vulnerability in SAP NetWeaver Application Server Java
CVE-2026-27674
SAPSAP Netweaver Applicat...6.1MEDIUM

10 March 2026

Authorization Bypass in SAP NetWeaver Application Server for ABAP
CVE-2026-27688
SAPSAP Netweaver Applicat...5MEDIUM
Deserialization Vulnerability in SAP NetWeaver Enterprise Portal Administration
CVE-2026-27685
SAPSAP Netweaver Enterpri...9.1CRITICAL
SQL Injection Vulnerability in SAP NetWeaver Feedback Notifications Service
CVE-2026-27684
SAPSAP Netweaver (feedbac...6.4MEDIUM
Server-Side Request Forgery Vulnerability in SAP NetWeaver Application Server for ABAP
CVE-2026-24316
SAPSAP Netweaver Applicat...6.4MEDIUM
Authorization Flaw in SAP NetWeaver Application Server for ABAP
CVE-2026-24310
SAPSAP Netweaver Applicat...3.5LOW
Authorization Check Flaw in SAP NetWeaver Application Server for ABAP
CVE-2026-24309
SAPSAP Netweaver Applicat...6.4MEDIUM

10 February 2026

Memory Management Flaw in SAP NetWeaver and ABAP Platform
CVE-2026-24320
SAPSAP Netweaver And Abap...3.1LOW
Authentication Vulnerability in SAP NetWeaver Application Server ABAP
CVE-2026-23687
SAPSAP Netweaver As Abap ...8.8HIGH
CRLF Injection in SAP NetWeaver Application Server Java Vulnerability
CVE-2026-23686
SAPSAP Netweaver Applicat...3.4LOW
Deserialization Vulnerability in SAP NetWeaver JMS Service
CVE-2026-23685
SAPSAP Netweaver (jms Ser...4.4MEDIUM
SAP NetWeaver Application Server ABAP Vulnerability Allowing Unauthorized Remote Function Calls
CVE-2026-0509
SAPSAP Netweaver Applicat...9.6CRITICAL
Authorization Bypass Vulnerability in SAP NetWeaver and S/4HANA
CVE-2026-0484
SAPSAP Netweaver Applicat...6.5MEDIUM

13 January 2026

OS Command Injection Vulnerability in SAP Application Server for ABAP and NetWeaver RFCSDK
CVE-2026-0507
SAPSAP Application Server...8.4HIGH
Missing Authorization Check in Application Server ABAP from SAP
CVE-2026-0506
SAPSAP Netweaver Applicat...8.1HIGH

SAP Netweaver Vulnerabilities

Vulnerability Published:

Sort By:

9 June 2026

Authorization Flaw in SAP ABAP Application Server Allows Privilege Escalation

Authentication Bypass Vulnerability in SAP NetWeaver Application Server

Reflected Cross-Site Scripting Vulnerability in SAP NetWeaver JAVA

Path Traversal Vulnerability in SAP NetWeaver Application Server Java

Improper RFC Protocol Validation in SAP Kernel Affects SAP NetWeaver and ABAP Platform

14 May 2026

Improper Input Handling Vulnerability in SAP NetWeaver Application Server ABAP

12 May 2026

OS Command Injection Vulnerability in SAP NetWeaver Application Server for ABAP

Code Injection Vulnerability in SAP Application Server ABAP for SAP NetWeaver

Reflected Cross-Site Scripting Vulnerability in SAP NetWeaver Application Server ABAP

14 April 2026

Open Redirect Vulnerability in SAP NetWeaver Application Server ABAP

Code Injection Vulnerability in SAP NetWeaver Application Server Java

10 March 2026

Authorization Bypass in SAP NetWeaver Application Server for ABAP

Deserialization Vulnerability in SAP NetWeaver Enterprise Portal Administration

SQL Injection Vulnerability in SAP NetWeaver Feedback Notifications Service

Server-Side Request Forgery Vulnerability in SAP NetWeaver Application Server for ABAP

Authorization Flaw in SAP NetWeaver Application Server for ABAP

Authorization Check Flaw in SAP NetWeaver Application Server for ABAP

10 February 2026

Memory Management Flaw in SAP NetWeaver and ABAP Platform

Authentication Vulnerability in SAP NetWeaver Application Server ABAP

CRLF Injection in SAP NetWeaver Application Server Java Vulnerability

Deserialization Vulnerability in SAP NetWeaver JMS Service

SAP NetWeaver Application Server ABAP Vulnerability Allowing Unauthorized Remote Function Calls

Authorization Bypass Vulnerability in SAP NetWeaver and S/4HANA

13 January 2026

OS Command Injection Vulnerability in SAP Application Server for ABAP and NetWeaver RFCSDK

Missing Authorization Check in Application Server ABAP from SAP