What is CVE-2026-44749?

CVE-2026-44749 is a medium-severity vulnerability in Sap_se Sap Gateway, classified under Exposure of Sensitive System Information to an Unauthorized Control Sphere. CVSS score: 4.3/10. Published 2026-05-26.

How severe is CVE-2026-44749?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Sap_se Sap Gateway

CVE-2026-44749

The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts (e.g., regex patterns) and revealing underlying URI parsing logic. Leading to low impact on confidentiality. Int…

EPSS: 0.000 (1.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Sap_se Sap Gateway — versions SAP_GWFND 750, 751, 752

Weakness classification (CWE)

CWE-497 — Exposure of Sensitive System Information to an Unauthorized Control Sphere

References

Frequently asked questions

What is CVE-2026-44749?: CVE-2026-44749 is a medium-severity vulnerability in Sap_se Sap Gateway, classified under Exposure of Sensitive System Information to an Unauthorized Control Sphere. CVSS score: 4.3/10. Published 2026-05-26.
How severe is CVE-2026-44749?: Medium severity. CVSS v3 base score is 4.3 out of 10.