Denial of Service Vulnerability in SAP Product
CVE-2026-27689

7.7HIGH

Key Information:

Vendor: SAP
Status: SAP Supply Chain Management
Vendor: CVE Published:; 10 March 2026

What is CVE-2026-27689?

This vulnerability allows an authenticated attacker with regular user privileges to invoke a remote-enabled function module with an excessively large loop-control parameter. The exploitation of this vulnerability leads to prolonged execution times, which can exhaust system resources and potentially render the SAP system unavailable. Although the integrity and confidentiality of the data remain intact, the denial-of-service condition severely affects system availability, necessitating prompt remediation to mitigate risks and protect organizational operations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SAP Supply Chain Management SCMAPO 713

SAP Supply Chain Management 714

SAP Supply Chain Management S4CORE 102

References

https://me.sap.com/notes/3719502

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Feb 23, 2026

JSON

SAP

What is CVE-2026-27689?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.