CVE-2026-34256

🗓️ 14 Apr 2026 00:08:26Reported by sapType

Missing authorization lets an attacker overwrite an eight-character report in SAP ERP and S4HANA, affecting availability.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-34256	14 Apr 202600:08	–	attackerkb
Circl	CVE-2026-34256	14 Apr 202603:16	–	circl
CNNVD	SAP ERP和SAP S/4HANA 安全漏洞	14 Apr 202600:00	–	cnnvd
Cvelist	CVE-2026-34256 Missing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise)	14 Apr 202600:08	–	cvelist
EUVD	EUVD-2026-22166	14 Apr 202600:08	–	euvd
NCSC	Vulnerabilities fixed in SAP products	14 Apr 202612:55	–	ncsc
NVD	CVE-2026-34256	14 Apr 202601:16	–	nvd
Positive Technologies	PT-2026-32566	14 Apr 202600:00	–	ptsecurity
Vulnrichment	CVE-2026-34256 Missing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise)	14 Apr 202600:08	–	vulnrichment

Vulners

Node

sap erpMatch618

sap s/4_hanaMatch618

sap erpMatch720

sap s/4_hanaMatch720

sap erpMatch730

sap s/4_hanaMatch730

sap erpMatch617

sap s/4_hanaMatch617

sap erpMatch700

sap s/4_hanaMatch700

sap erpMatch135

sap s/4_hanaMatch135

sap s4coreMatch102

sap erpMatch103

sap s/4_hanaMatch103

sap erpMatch104

sap s/4_hanaMatch104

sap erpMatch105

sap s/4_hanaMatch105

sap erpMatch106

sap s/4_hanaMatch106

sap erpMatch107

sap s/4_hanaMatch107

sap erpMatch108

sap s/4_hanaMatch108

sap erpMatch109

sap s/4_hanaMatch109

sap erpMatch600

sap s/4_hanaMatch600

sap erpMatch602

sap s/4_hanaMatch602

sap erpMatch603

sap s/4_hanaMatch603

sap erpMatch604

sap s/4_hanaMatch604

sap erpMatch605

sap s/4_hanaMatch605

sap erpMatch606

sap s/4_hanaMatch606

[
  {
    "vendor": "SAP_SE",
    "product": "SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise)",
    "versions": [
      {
        "status": "affected",
        "version": "SAP_FIN 618"
      },
      {
        "status": "affected",
        "version": "720"
      },
      {
        "status": "affected",
        "version": "730"
      },
      {
        "status": "affected",
        "version": "EA-FIN 617"
      },
      {
        "status": "affected",
        "version": "700"
      },
      {
        "status": "affected",
        "version": "SAPSCORE 135"
      },
      {
        "status": "affected",
        "version": "S4CORE 102"
      },
      {
        "status": "affected",
        "version": "103"
      },
      {
        "status": "affected",
        "version": "104"
      },
      {
        "status": "affected",
        "version": "105"
      },
      {
        "status": "affected",
        "version": "106"
      },
      {
        "status": "affected",
        "version": "107"
      },
      {
        "status": "affected",
        "version": "108"
      },
      {
        "status": "affected",
        "version": "109"
      },
      {
        "status": "affected",
        "version": "EA-APPL 600"
      },
      {
        "status": "affected",
        "version": "602"
      },
      {
        "status": "affected",
        "version": "603"
      },
      {
        "status": "affected",
        "version": "604"
      },
      {
        "status": "affected",
        "version": "605"
      },
      {
        "status": "affected",
        "version": "606"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3731908

17 Apr 2026 15:18Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.17.1

EPSS0.00047

SSVC

CWE-862