CVE-2026-0506

🗓️ 13 Jan 2026 01:14:33Reported by sapType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 12 Views

Missing authorization in SAP NetWeaver ABAP lets authenticated attackers misuse remote function calls to run Form routines, impacting integrity and availability.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2026-0506	13 Jan 202603:00	–	circl
CNNVD	SAP NetWeaver Application Server 安全漏洞	13 Jan 202600:00	–	cnnvd
Cvelist	CVE-2026-0506 Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform	13 Jan 202601:14	–	cvelist
EUVD	EUVD-2026-2376	13 Jan 202601:14	–	euvd
NCSC	Vulnerabilities fixed in SAP products	13 Jan 202614:42	–	ncsc
NVD	CVE-2026-0506	13 Jan 202602:15	–	nvd
Positive Technologies	PT-2026-2340	13 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-0506	14 Jan 202601:22	–	redhatcve
Tenable Nessus	SAP NetWeaver AS ABAP Missing Authorization Check (3688703)	16 Jan 202600:00	–	nessus
Vulnrichment	CVE-2026-0506 Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform	13 Jan 202601:14	–	vulnrichment

NVD

Vulners

Node

sap netweaver_application_server_abapMatch700sap_basis

sap netweaver_application_server_abapMatch701sap_basis

sap netweaver_application_server_abapMatch702sap_basis

sap netweaver_application_server_abapMatch731sap_basis

sap netweaver_application_server_abapMatch740sap_basis

sap netweaver_application_server_abapMatch750sap_basis

sap netweaver_application_server_abapMatch751sap_basis

sap netweaver_application_server_abapMatch752sap_basis

sap netweaver_application_server_abapMatch753sap_basis

sap netweaver_application_server_abapMatch754sap_basis

sap netweaver_application_server_abapMatch755sap_basis

sap netweaver_application_server_abapMatch756sap_basis

sap netweaver_application_server_abapMatch757sap_basis

sap netweaver_application_server_abapMatch758sap_basis

sap netweaver_application_server_abapMatch816sap_basis

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP NetWeaver Application Server ABAP and ABAP Platform",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "SAP_BASIS 700"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 701"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 702"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 731"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 740"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 750"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 751"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 752"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 753"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 754"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 755"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 756"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 757"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 758"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 816"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3688703

22 Jan 2026 18:48Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.18.1

EPSS0.00074

SSVC

CWE-862