CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/05/12 5:46 a.m.•6 views

CVE-2026-0804

6.7CVSS5.8AI score0.00128EPSS

Exploits0References1

CVE•added 2026/05/12 5:46 a.m.•13 views

CVE-2026-0804

Technical details are not publicly available in the provided documents. Monitor for updates.

7.3CVSS5.8AI score0.00128EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/12 5:44 a.m.•8 views

CVE-2026-0802

6CVSS5.8AI score0.00396EPSS

ATTACKERKB•added 2026/05/12 5:42 a.m.•12 views

CVE-2026-0541

ACAP applications can gain elevated privileges due to improper input validation during the installation process, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if a...

6.7CVSS5.8AI score0.00096EPSS

EUVD•added 2026/05/12 3:31 a.m.•4 views

EUVD-2026-29361

Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...

4.3CVSS6.3AI score0.00255EPSS

Exploits0References3

NVD•added 2026/05/12 3:16 a.m.•8 views

CVE-2026-40137

SAP TAFAPPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...

6.1CVSS0.00211EPSS

NVD•added 2026/05/12 3:16 a.m.•30 views

CVE-2026-40129

4.3CVSS0.00255EPSS

NVD•added 2026/05/12 3:16 a.m.•32 views

CVE-2026-34260

SAP S/4HANA SAP Enterprise Search for ABAP contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user input into SQL queries, which are then passed to the...

9.6CVSS0.00466EPSS

CVE•added 2026/05/12 2:23 a.m.•10 views

CVE-2026-40137

SAP CVE-2026-40137 affects the SAP TAF_APPLAUNCHER component of Business Server Pages. It describes a Cross-Site Scripting (XSS) issue where an unauthenticated attacker can craft malicious links that, when a victim clicks, redirect to attacker‑controlled sites and potentially expose or alter info...

6.1CVSS5.8AI score0.00211EPSS

CVE•added 2026/05/12 2:21 a.m.•11 views

CVE-2026-40135

This CVE concerns SAP NetWeaver Application Server for ABAP and ABAP Platform. An OS Command Injection allows an authenticated attacker with administrative privileges to execute arbitrary shell commands on the server, bypassing the logging mechanism and potentially impacting integrity and availab...

6.5CVSS6AI score0.01398EPSS

Cvelist•added 2026/05/12 2:21 a.m.•70 views

CVE-2026-40135 OS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform

An OS Command Injection vulnerability exists in the SAP NetWeaver Application Server for ABAP and ABAP Platform that allows an authenticated attacker with administrative access to execute specially crafted shell commands on the server, bypassing the logging mechanism. This allows the execution of...

6.5CVSS0.01398EPSS

ATTACKERKB•added 2026/05/12 2:20 a.m.•4 views

CVE-2026-40129

4.3CVSS6.3AI score0.00255EPSS

Exploits0References3

Vulnrichment•added 2026/05/12 2:20 a.m.•6 views

CVE-2026-40129 Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform

4.3CVSS6.3AI score0.00255EPSS

CVE•added 2026/05/12 2:20 a.m.•17 views

CVE-2026-34260

Summary of CVE-2026-34260 Affected software: SAP S/4HANA with SAP Enterprise Search for ABAP . Vulnerability: A SQL injection flaw where user-controlled input is directly concatenated into SQL queries and passed to the database without proper validation or sanitization. Impact: If exploited by an...

ATTACKERKB•added 2026/05/12 2:20 a.m.•7 views

CVE-2026-34260

Vulnrichment•added 2026/05/12 2:20 a.m.•13 views

Exploits0References3

CVE-2026-34260 SQL injection vulnerability in SAP S/4HANA (SAP Enterprise Search for ABAP)

CNNVD•added 2026/05/12 12:0 a.m.•7 views

SAP S/4HANA SQL注入漏洞

SAP S/4HANA is a enterprise resource management software developed by SAP, a German company, based on the SAP HANA memory database system. SAP S/4HANA has a SQL injection vulnerability. This vulnerability allows authenticated attackers to inject malicious SQL statements through user-controlled...

9.6CVSS6.1AI score0.00466EPSS

Exploits0References1

Positive Technologies•added 2026/05/12 12:0 a.m.•15 views

PT-2026-39921

Name of the Vulnerable Software and Affected Versions SAP S/4HANA SAP Enterprise Search for ABAP affected versions not specified Description An authenticated attacker can inject malicious SQL statements through user-controlled input. The application directly concatenates this input into SQL queri...