CVE-2026-27671

Technical details about CVE-2026-27671 are not publicly available in the provided documents. Monitor for updates from SAP/security advisories.

CVE-2023-25615

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...

PT-2025-41836

Name of the Vulnerable Software and Affected Versions SAP Application Server for ABAP affected versions not specified Description An authenticated attacker can store malicious JavaScript payloads. These payloads could be executed in a victim user's browser when accessing the affected functionalit...

CVE-2025-42918 Missing Authorization check in SAP NetWeaver Application Server for ABAP (Background Processing)

SAP NetWeaver Application Server for ABAP allows authenticated users with access to background processing to gain unauthorized read access to profile parameters. This results in a low impact on confidentiality, with no impact on integrity or availability...

The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform allows a hacker to inject arbitrary code.

The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to inject arbitrary code remotely...