CVE-2026-27678

Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

CVE-2026-27679

Due to missing authorization checks in the SAP S/4HANA frontend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

CVE-2026-27673

Due to a missing authorization check, SAP S/4HANA Private Cloud and On-Premise allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the...

CVE-2026-27676

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Technical Object Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability results in a low impact on integrity, while confidentiality and...

CVE-2026-34261

CVE-2026-34261 affects SAP Business Analytics and SAP Content Management. Root cause: missing authorization check enables an authenticated user to call certain remote function modules beyond their permissions. Impact: confidentiality is affected; no noted impact to integrity or availability. Expl...

CVE-2026-34261 Missing Authorization check in SAP Business Analytics and SAP Content Management

Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain remote function modules, potentially accessing sensitive information beyond their intended permissions. This vulnerability affects...

CVE-2026-34261 Missing Authorization check in SAP Business Analytics and SAP Content Management

Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain remote function modules, potentially accessing sensitive information beyond their intended permissions. This vulnerability affects...

EUVD-2026-22170

Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain remote function modules, potentially accessing sensitive information beyond their intended permissions. This vulnerability affects...

CVE-2026-34256

CVE-2026-34256 affects SAP ERP and SAP S/4HANA (Private Cloud and On-Premise). The issue arises from a missing authorization check that allows an authenticated actor with low privileges to run a specific ABAP report and overwrite an existing eight-character executable ABAP report without authoriz...

CVE-2026-34256 Missing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise)

Due to a missing authorization check in SAP ERP and SAP S/4HANA Private Cloud and On-Premise, an authenticated attacker could execute a particular ABAP report to overwrite any existing eight?character executable ABAP report without authorization. If the overwritten report is subsequently executed...

EUVD-2026-22166

Due to a missing authorization check in SAP ERP and SAP S/4HANA Private Cloud and On-Premise, an authenticated attacker could execute a particular ABAP report to overwrite any existing eight?character executable ABAP report without authorization. If the overwritten report is subsequently executed...

CVE-2026-27679

CVE-2026-27679 affects the SAP S/4HANA frontend OData Service (Manage Reference Structures). Missing authorization checks allow an attacker to update and delete child entities via exposed OData services, impacting integrity (I: High) with no confidentiality or availability impact stated. CVSS v3....

CVE-2026-27679 Missing Authorization check in SAP S/4HANA Frontend OData Service (Manage Reference Structures)

Due to missing authorization checks in the SAP S/4HANA frontend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

CVE-2026-27677 Missing Authorization check in SAP S/4HANA OData Service (Manage Reference Equipment)

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Reference Equipment, an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not...

CVE-2026-27677 Missing Authorization check in SAP S/4HANA OData Service (Manage Reference Equipment)

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Reference Equipment, an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not...

EUVD-2026-22148

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Technical Object Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability results in a low impact on integrity, while confidentiality and...

CVE-2026-27673

CVE-2026-27673 describes a missing authorization check in SAP S/4HANA (Private Cloud and On-Premise) that allows an authenticated user to delete files on the operating system and perform unauthorized file operations. The underlying impact reported is: Confidentiality – None, Integrity – Low, Avai...

CVE-2026-27673 Missing Authorization Check in SAP S/4HANA (Private Cloud and On-Premise)

Due to a missing authorization check, SAP S/4HANA Private Cloud and On-Premise allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the...

EUVD-2026-22144

Due to a missing authorization check, SAP S/4HANA Private Cloud and On-Premise allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the...

CVE-2026-27673

Due to a missing authorization check, SAP S/4HANA Private Cloud and On-Premise allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the...