CVE-2026-24326

🗓️ 10 Feb 2026 03:04:39Reported by sapType

Missing authorization in SAP disconnected operations allows privileged users to update a standard table via remote calls.

Reporter	Title	Published	Views	Family All 7
CNNVD	SAP S/4HANA Defense & Security 安全漏洞	10 Feb 202600:00	–	cnnvd
Cvelist	CVE-2026-24326 Missing authorization check in SAP S/4HANA Defense & Security (Disconnected Operations)	10 Feb 202603:04	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	10 Feb 202612:28	–	ncsc
NVD	CVE-2026-24326	10 Feb 202604:16	–	nvd
Positive Technologies	PT-2026-7225	10 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-24326	11 Feb 202607:30	–	redhatcve
Vulnrichment	CVE-2026-24326 Missing authorization check in SAP S/4HANA Defense & Security (Disconnected Operations)	10 Feb 202603:04	–	vulnrichment

NVD

Vulners

Node

sap s/4hana_defense_&_securityMatch600

sap s/4hana_defense_&_securityMatch603

sap s/4hana_defense_&_securityMatch604

sap s/4hana_defense_&_securityMatch605

sap s/4hana_defense_&_securityMatch606

sap s/4hana_defense_&_securityMatch616

sap s/4hana_defense_&_securityMatch617

sap s/4hana_defense_&_securityMatch618

sap s/4hana_defense_&_securityMatch619

sap s/4hana_defense_&_securityMatch800

sap s/4hana_defense_&_securityMatch801

sap s/4hana_defense_&_securityMatch802

sap s/4hana_defense_&_securityMatch803

sap s/4hana_defense_&_securityMatch804

sap s/4hana_defense_&_securityMatch805

sap s/4hana_defense_&_securityMatch806

sap s/4hana_defense_&_securityMatch807

sap s/4hana_defense_&_securityMatch808

sap s/4hana_defense_&_securityMatch809

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP S/4HANA Defense & Security (Disconnected Operations)",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "EA-DFPS 600"
      },
      {
        "status": "affected",
        "version": "603"
      },
      {
        "status": "affected",
        "version": "604"
      },
      {
        "status": "affected",
        "version": "605"
      },
      {
        "status": "affected",
        "version": "606"
      },
      {
        "status": "affected",
        "version": "616"
      },
      {
        "status": "affected",
        "version": "617"
      },
      {
        "status": "affected",
        "version": "618"
      },
      {
        "status": "affected",
        "version": "619"
      },
      {
        "status": "affected",
        "version": "800"
      },
      {
        "status": "affected",
        "version": "801"
      },
      {
        "status": "affected",
        "version": "802"
      },
      {
        "status": "affected",
        "version": "803"
      },
      {
        "status": "affected",
        "version": "804"
      },
      {
        "status": "affected",
        "version": "805"
      },
      {
        "status": "affected",
        "version": "806"
      },
      {
        "status": "affected",
        "version": "807"
      },
      {
        "status": "affected",
        "version": "808"
      },
      {
        "status": "affected",
        "version": "809"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3678009
url	www.url.sap/sapsecuritypatchday

17 Feb 2026 15:13Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.14.3

EPSS0.00014

SSVC

CWE-862