Authorization Check Flaw in SAP ABAP Systems by SAP
CVE-2026-0486

5MEDIUM

Key Information:

Vendor: SAP
Status: Abap Based SAP Systems
Vendor: CVE Published:; 10 February 2026

What is CVE-2026-0486?

In certain ABAP-based SAP systems, a remote-enabled function module fails to implement necessary authorization checks for authenticated users. This vulnerability can potentially lead to the unauthorized disclosure of sensitive system information. While it poses low risk to the confidentiality of data, it underscores the importance of rigorous authorization processes to maintain system security integrity and reliability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ABAP based SAP systems ST-PI 2005_1_700

ABAP based SAP systems 2008_1_710

ABAP based SAP systems 740

References

https://me.sap.com/notes/3691645

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Dec 9, 2025

JSON

SAP