Sap_se Sap Netweaver Application Server Abap And Abap Platform
9 CVEs affecting Sap_se Sap Netweaver Application Server Abap And Abap Platform. Latest disclosed: 2026-02-10. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-0509 | Critical | 9.6 | 2026-02-10 | SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls without the re… |
CVE-2024-33006 | Critical | 9.6 | 2024-05-14 | An unauthenticated attacker can upload a malicious file to the server which when accessed by a victim can allow an attacker to completely compromise system. |
CVE-2026-0506 | High | 8.1 | 2026-01-13 | Due to a Missing Authorization Check vulnerability in Application Server ABAP and ABAP Platform, an authenticated attacker could misuse an RFC function to exec… |
CVE-2025-31329 | Medium | 6.2 | 2025-05-13 | SAP NetWeaver is vulnerable to an Information Disclosure vulnerability caused by the injection of malicious instructions into user configuration settings. An a… |
CVE-2025-42969 | Medium | 6.1 | 2025-07-08 | SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to inject a malicious script into a dynamically crafted URL. The vic… |
CVE-2024-32733 | Medium | 6.1 | 2024-05-14 | Due to missing input validation and output encoding of untrusted data, SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attac… |
CVE-2023-41366 | Medium | 5.3 | 2023-11-14 | Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7… |
CVE-2024-41734 | Medium | 4.3 | 2024-08-13 | Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction… |
CVE-2023-49581 | Medium | 4.1 | 2023-12-12 | SAP GUI for Windows and SAP GUI for Java allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addit… |