Memory Corruption Vulnerability in SAP NetWeaver Application Server ABAP
CVE-2026-44747

9.9CRITICAL

Key Information:

Vendor

SAP

Vendor
CVE Published:
14 July 2026

What is CVE-2026-44747?

An authenticated attacker exploiting logical errors within the memory management of SAP NetWeaver Application Server ABAP may experience potential memory corruption that could facilitate unauthorized access to sensitive data, modification of existing data, or even lead to system unavailability. This vulnerability poses a significant risk to the confidentiality, integrity, and availability of the applications relying on this server architecture.

Affected Version(s)

SAP NetWeaver Application Server ABAP KRNL64NUC 7.22

SAP NetWeaver Application Server ABAP 7.22EXT

SAP NetWeaver Application Server ABAP KRNL64UC 7.22

References

CVSS V3.1

Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.