CVE-2026-40131 SQL Injection vulnerability in SAP HANA Deployment Infrastructure (HDI) deploy library

SQL injection vulnerability exists in @sap/hdi-deploy package, where SQL queries are dynamically constructed using user input without proper parameterization or prepared statements. Successful exploitation could allow the high privileged users to alter the SELECT statements impacting...

SAP HANA Deployment Infrastructure deploy library SQL注入漏洞

SAP HANA Deployment Infrastructure deploy library is a deployment support library developed by SAP, a German company, for the deployment and lifecycle management of SAP HANA applications. The SAP HANA Deployment Infrastructure deploy library contains a SQL injection vulnerability. This...

The vulnerability of the SAP HANA platform’s deployment service, specifically saphanabootstrap-formula, on the OpenSUSE Leap operating system, allows a perpetrator to escalate their privileges.

The vulnerability of the SAP HANA platform’s deployment service, specifically saphanabootstrap-formula for OpenSUSE Leap operating systems, is related to errors in the use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges by executing the sudo...