CVE-2026-23687

🗓️ 10 Feb 2026 03:02:47Reported by sapType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 9 Views

Authenticated attacker with privileges can forge tampered signed XML, risking unauthorized access.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2026-23687	10 Feb 202604:21	–	circl
CNNVD	SAP AS ABAP和SAP NetWeaver ABAP Platform 数据伪造问题漏洞	10 Feb 202600:00	–	cnnvd
Cvelist	CVE-2026-23687 XML Signature Wrapping in SAP NetWeaver AS ABAP and ABAP Platform	10 Feb 202603:02	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	10 Feb 202612:28	–	ncsc
NVD	CVE-2026-23687	10 Feb 202604:16	–	nvd
Positive Technologies	PT-2026-7214	10 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-23687	11 Feb 202607:30	–	redhatcve
Tenable Nessus	SAP NetWeaver AS ABAP XML Signature Wrapping (3697567)	13 Feb 202600:00	–	nessus
Vulnrichment	CVE-2026-23687 XML Signature Wrapping in SAP NetWeaver AS ABAP and ABAP Platform	10 Feb 202603:02	–	vulnrichment

NVD

Vulners

Node

sap sap_basisMatch700

sap sap_basisMatch701

sap sap_basisMatch702

sap sap_basisMatch731

sap sap_basisMatch740

sap sap_basisMatch750

sap sap_basisMatch751

sap sap_basisMatch752

sap sap_basisMatch753

sap sap_basisMatch754

sap sap_basisMatch755

sap sap_basisMatch756

sap sap_basisMatch757

sap sap_basisMatch758

sap sap_basisMatch804

sap sap_basisMatch916

sap sap_basisMatch917

sap sap_basisMatch918

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP NetWeaver AS ABAP and ABAP Platform",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "SAP_BASIS 700"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 701"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 702"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 731"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 740"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 750"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 751"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 752"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 753"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 754"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 755"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 756"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 757"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 758"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 804"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 816"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 916"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 917"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 918"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3697567

17 Feb 2026 16:12Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.18.8

EPSS0.00019

SSVC

CWE-347