EUVD-2026-22138

🗓️ 14 Apr 2026 00:06:08Reported by EUVDType

Cross Site Scripting in the Supplier Relationship Management Catalog enables unauthenticated URL exploits.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-0512	14 Apr 202600:06	–	attackerkb
CNNVD	SAP Supplier Relationship Management（SRM）跨站脚本漏洞	14 Apr 202600:00	–	cnnvd
CVE	CVE-2026-0512	14 Apr 202600:06	–	cve
Cvelist	CVE-2026-0512 Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)	14 Apr 202600:06	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	14 Apr 202612:55	–	ncsc
NVD	CVE-2026-0512	14 Apr 202600:16	–	nvd
Positive Technologies	PT-2026-32550	14 Apr 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-0512	5 Jun 202619:25	–	redhatcve
Vulnrichment	CVE-2026-0512 Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)	14 Apr 202600:06	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "60e1aa43-391c-305a-948a-854d4dfafeb0",
        "vendor": {
          "name": "SAP_SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "11b34a8e-26ac-3324-9934-4ff3665ef576",
        "product": {
          "name": "SAP Supplier Relationship Management (SICF Handler in SRM Catalog)"
        },
        "product_version": "713"
      },
      {
        "id": "135749e6-89bd-339c-a49f-eaf246ff76c7",
        "product": {
          "name": "SAP Supplier Relationship Management (SICF Handler in SRM Catalog)"
        },
        "product_version": "SRM_SERVER 702"
      },
      {
        "id": "4c0d127a-b5fb-3491-a109-64128f0e2ccd",
        "product": {
          "name": "SAP Supplier Relationship Management (SICF Handler in SRM Catalog)"
        },
        "product_version": "714"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3645228
url	www.url.sap/sapsecuritypatchday

14 Apr 2026 00:06Current

6Medium risk

Vulners AI Score6

CVSS 3.16.1

EPSS0.00108

SSVC