CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

144 matches found

Cvelist•added 2026/06/09 12:19 a.m.•33 views

CVE-2026-24315 Path Traversal Vulnerability in SAP Fiori (launchpad)

SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...

4.2CVSS0.00174EPSS

Exploits0References2

Vulnrichment•added 2026/06/09 12:19 a.m.•6 views

CVE-2026-24315 Path Traversal Vulnerability in SAP Fiori (launchpad)

SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...

4.2CVSS5.6AI score0.00174EPSS

Exploits0References2

ATTACKERKB•added 2026/06/09 12:19 a.m.•6 views

CVE-2026-24315

SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...

4.2CVSS5.6AI score0.00174EPSS

Exploits0References3Affected Software1

EUVD•added 2026/06/09 12:19 a.m.•9 views

EUVD-2026-35277

SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...

4.2CVSS5.6AI score0.00174EPSS

Exploits0References2

NVD•added 2026/02/10 4:16 a.m.•5 views

CVE-2026-23688

SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...

4.3CVSS0.00158EPSS

Exploits0References2

Vulnrichment•added 2026/02/10 3:2 a.m.•4 views

CVE-2026-23688 Missing Authorization check in SAP Fiori App (Manage Service Entry Sheets - Lean Services)

SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...

4.3CVSS5.5AI score0.00158EPSS

Exploits0References2

Cvelist•added 2026/02/10 3:2 a.m.•29 views

CVE-2026-23688 Missing Authorization check in SAP Fiori App (Manage Service Entry Sheets - Lean Services)

SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...

4.3CVSS0.00158EPSS

Exploits0References2

Vulnrichment•added 2026/01/27 12:22 a.m.•2 views

CVE-2026-23683 Missing Authorization check in SAP Fiori App (Intercompany Balance Reconciliation)

SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted...

4.3CVSS5.9AI score0.00179EPSS

Exploits0References2

ATTACKERKB•added 2026/01/27 12:22 a.m.•4 views

CVE-2026-23683

SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted...

4.3CVSS5.9AI score0.00179EPSS

Exploits0References3Affected Software1

EUVD•added 2026/01/27 12:22 a.m.•5 views

EUVD-2026-4844

SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted...

4.3CVSS5.9AI score0.00179EPSS

Exploits0References2

RedhatCVE•added 2026/01/14 1:22 a.m.•3 views

CVE-2026-0493

Due to a Cross-Site Request Forgery CSRF vulnerability in SAP Fiori App Intercompany Balance Reconciliation an attacker could execute state?changing actions using an inappropriate request type, this deviation from expected request semantics may allow an attacker to trigger unintended actions on...

4.3CVSS6.8AI score0.0011EPSS

Exploits0References1

NVD•added 2026/01/13 2:15 a.m.•7 views

CVE-2026-0493

Due to a Cross-Site Request Forgery CSRF vulnerability in SAP Fiori App Intercompany Balance Reconciliation an attacker could execute state?changing actions using an inappropriate request type, this deviation from expected request semantics may allow an attacker to trigger unintended actions on...

4.3CVSS0.0011EPSS

Exploits0References2

NVD•added 2026/01/13 2:15 a.m.•6 views

CVE-2026-0496

SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file including script files without proper file format validation. This has low impact on confidentiality, integrity and availability of the application...

6.6CVSS0.00191EPSS

Exploits0References2

CVE•added 2026/01/13 1:15 a.m.•12 views

CVE-2026-0511

The CVE-2026-0511 issue affects SAP Fiori App Intercompany Balance Reconciliation. The vulnerability is due to missing authorization checks for an authenticated user, enabling privilege escalation. Impact is high on confidentiality and integrity; availability is not affected. The issue is corrobo...

8.1CVSS6.7AI score0.0026EPSS

Exploits0References2

Cvelist•added 2026/01/13 1:13 a.m.•23 views

CVE-2026-0496 Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)

SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file including script files without proper file format validation. This has low impact on confidentiality, integrity and availability of the application...

6.6CVSS0.00191EPSS

Exploits0References2

Vulnrichment•added 2026/01/13 1:13 a.m.•2 views

CVE-2026-0496 Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)

SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file including script files without proper file format validation. This has low impact on confidentiality, integrity and availability of the application...

6.6CVSS6.6AI score0.00191EPSS

Exploits0References2

Cvelist•added 2026/01/13 1:13 a.m.•21 views

CVE-2026-0495 Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)

SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to send uploaded files to arbitrary emails which could enable effective phishing campaigns. This has low impact on confidentiality, integrity and availability of the application...

5.1CVSS0.0015EPSS

Exploits0References2

CVE•added 2026/01/13 1:13 a.m.•12 views

CVE-2026-0495

CVE-2026-0495 affects SAP Fiori App Intercompany Balance Reconciliation. A high-privilege attacker can cause the application to send uploaded files to arbitrary email addresses, enabling phishing campaigns. Impact on confidentiality, integrity and availability is described as low. The provided do...

5.1CVSS6.5AI score0.0015EPSS

Exploits0References2

Cvelist•added 2026/01/13 1:13 a.m.•25 views

CVE-2026-0494 Information Disclosure vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)

Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted...

4.3CVSS0.00187EPSS

Exploits0References2

Cvelist•added 2026/01/13 1:13 a.m.•24 views

CVE-2026-0493 Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)

Due to a Cross-Site Request Forgery CSRF vulnerability in SAP Fiori App Intercompany Balance Reconciliation an attacker could execute state?changing actions using an inappropriate request type, this deviation from expected request semantics may allow an attacker to trigger unintended actions on...

4.3CVSS0.0011EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by