SAP BusinessObjects BI Platform Vulnerability Exposing Authentication Risks
CVE-2026-0490

7.5HIGH

Key Information:

Vendor: SAP
Status: SAP Businessobjects Bi Platform
Vendor: CVE Published:; 10 February 2026

What is CVE-2026-0490?

An authentication vulnerability has been discovered in the SAP BusinessObjects BI Platform, allowing unauthenticated attackers to send crafted network requests to a trusted endpoint. This exploit can disrupt legitimate user access, significantly impacting the platform's availability while leaving confidentiality and integrity intact. Users of the platform are urged to implement the latest security patches to mitigate this risk.

Affected Version(s)

SAP BusinessObjects BI Platform ENTERPRISE 430

SAP BusinessObjects BI Platform 2025

SAP BusinessObjects BI Platform 2027

References

https://me.sap.com/notes/3654236

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Dec 9, 2025

CVE-2026-0490 Data

JSON