CVE-2026-40136 Denial of service (DoS) in SAP Financial Consolidation

SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity ...

CVE-2026-22323

A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the...

PT-2025-41837

Name of the Vulnerable Software and Affected Versions SAP NetWeaver AS ABAP and ABAP Platform affected versions not specified Description A memory corruption issue exists in SAP NetWeaver AS ABAP and ABAP Platform. An unauthenticated attacker can exploit this by sending a corrupted SAP Logon Tick...

CVE-2025-42955 Missing authorization check in SAP Cloud Connector

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP connections. A successful exploit could lead to reduced performance, hence a low-impact on availability of...