Lucene search
+L

Vulnerabilities fixed in SAP products

🗓️ 13 Jan 2026 14:42:24Reported by NCSCType 
ncsc
 ncsc
🔗 advisories.ncsc.nl👁 26 Views

SAP fixed vulnerabilities across products, including injection vulnerabilities and cross site scripting.

Related
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the Remote Function Call interface on the SAP S/4HANA software platform allows a perpetrator to bypass security restrictions, execute arbitrary code, and gain full control over the system.
14 Jan 202600:00
bdu_fstec
BDU FSTEC
The application for advanced analysis, creation of custom monitoring panels, and detailed examination of Workstation server metrics for data collection, storage, and display is vulnerable. The SAP SAP Wily Introscope Enterprise Manager (EM) allows attackers to execute arbitrary code.
14 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the Remote Function Call interface of the SAP Landscape Transformation (SLT) software tool allows a attacker to circumvent security restrictions, execute arbitrary code, and gain full control over the system.
14 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the REST Interface Version 2 interface of the SAP Identity Management tool allows a hacker to gain access to and modify user data.
14 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the User Management Engine component of the SAP NetWeaver Java Application Server web application server allows a perpetrator to gain unauthorized access to protected information.
14 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP S/4HANA software platform, related to the failure to implement protective measures for SQL query structures, allows attackers to gain unauthorized access to protected information.
14 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP Business Connector (SAP BC) application, which is related to the lack of protective measures for the website structure, allows attackers to carry out cross-site scripting attacks.
20 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP NetWeaver Enterprise Portal software integration platform lies in the insufficient protection of the website structure, which allows attackers to execute arbitrary code.
23 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP Fiori App web application, related to the falsification of cross-site requests, allows a hacker to compromise the integrity of the protected information.
23 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the SAP Fiori App web application, related to the disclosure of system data by unauthorized parties in the controlled area, allows attackers to gain unauthorized access to protected information.
23 Jan 202600:00
bdu_fstec
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

13 Jan 2026 14:42Current
8.2High risk
Vulners AI Score8.2
CVSS 48.7
CVSS 3.18.8 - 9.9
EPSS0.00878
SSVC
26