Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how sap compares to other vendors in security performance

View Risk Score →

Software

sap netweaver
73
sap netweaver as abap
68
sap 3d visual enterprise viewer
57
sap businessobjects
50
sap businessobjects business intelligence platform
38
sap netweaver as for java
36
sap s/4hana
30
sap businessobjects business intelligence
27
sap abap
23
sap netweaver (enterprise portal)
22
sap netweaver application server
20
sap netweaver process integration
17
sap hana database
16
sap internet graphics server
13
sap business one on hana
12
sap customer relationship management
12
sap netweaver solution manager
12
sap 3d visual enterprise author
11
sap commerce
11
sap crm - webclient ui
11
sap enable now
11
sap hana extended application services, advanced model
10
sap sap web application server
10
sap supplier relationship management
10
sap business connector
9
sap businessobjects financial consolidation
9
sap commerce cloud
8
sap erp
8
sap netweaver application server abap
8
sap netweaver as internet graphics server
8
sap disclosure management
7
sap host agent
7
sap internet transaction server
7
sap commerce cloud (formerly sap hybris)
6
sap gui
6
sap hana extended application services
6
sap j2ee engine
6
sap netweaver application server for abap
6
sap abap platform
5
sap fiori
5
sap fiori launchpad
5
sap hana sps09
5
sap mobile platform sdk
5
sap netweaver java application server
5
sap s/4hana (learning solution)
5
sap basis component 700
4
sap business one
4
sap business warehouse
4
sap erp localization for cee countries
4
sap maxdb
4

SAP Business Server Pages Application (TAF_APPLAUNCHER)Cross-Site Scripting (XSS) vulnerability in Business Server Pages Application (TAF_APPLAUNCHER)

Risk 38
Severity
6.1
First published (updated )
CVE-2026-40137

SAP SAP Financial ConsolidationDenial of service (DoS) in SAP Financial Consolidation

Risk 22
Severity
4.3
First published (updated )
CVE-2026-40136

SAP NetWeaver Application Server for ABAPOS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform

Risk 49
Severity
6.5
First published (updated )
CVE-2026-40135

SAP SAP Incentive and Commission ManagementMissing Authorization Check in SAP Incentive and Commission Management

Risk 22
Severity
4.3
First published (updated )
CVE-2026-40134

SAP SAP S/4HANA Condition MaintenanceMissing Authorization check in SAP S/4HANA Condition Maintenance

Risk 46
Severity
6.3
First published (updated )
CVE-2026-40133
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

SAP SAP Strategic Enterprise Management (Balanced Scorecard Wizard - BSP application)Missing Authorization Check in SAP Strategic Enterprise Management (BSP application Balanced Scorecard Wizard)

Risk 34
Severity
5.4
First published (updated )
CVE-2026-40132

SAP SAP Application Server ABAPCode Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform

Risk 22
Severity
4.3
First published (updated )
CVE-2026-40129

SAP SAPUI5 Search UIContent Spoofing vulnerability in SAPUI5 (Search UI)

Risk 24
Severity
4.7
First published (updated )
CVE-2026-34258

SAP SAP NetWeaver Application Server ABAPReflected Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages)

Risk 31
Severity
4.7
First published (updated )
CVE-2026-27682

SAP BusinessObjects Business Intelligence platformCross Site Request Forgery (CSRF) in SAP BusinessObjects Business Intelligence Platform

Risk 34
Severity
5.4
First published (updated )
CVE-2026-0502
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

SAP Human Capital ManagementInformation Disclosure vulnerability in SAP Human Capital Management for SAP S/4HANA

Risk 38
Severity
6.5
First published (updated )
CVE-2026-34264

SAP HANA Database ExplorerInformation Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer

Risk 26
Severity
5
First published (updated )
CVE-2026-34262

SAP SAP Business AnalyticsMissing Authorization check in SAP Business Analytics and SAP Content Management

Risk 38
Severity
6.5
First published (updated )
CVE-2026-34261

SAP NetWeaver Application Server ABAPOpen Redirect vulnerability in SAP NetWeaver Application Server ABAP

Risk 38
Severity
6.1
First published (updated )
CVE-2026-34257

SAP BusinessObjects Business Intelligence platformReflected cross site scripting vulnerability in SAP BusinessObjects Business Intelligence Platform

Risk 21
Severity
4.1
First published (updated )
CVE-2026-27683
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

SAP SAP S/4HANA Frontend OData Service (Manage Reference Structures)Missing Authorization check in SAP S/4HANA Frontend OData Service (Manage Reference Structures)

Risk 38
Severity
6.5
First published (updated )
CVE-2026-27679

SAP SAP S/4HANA (Manage Reference Structures OData Service)Missing Authorization check in SAP S/4HANA Backend OData Service (Manage Reference Structures)

Risk 38
Severity
6.5
First published (updated )
CVE-2026-27678

SAP SAP S/4HANA (OData Service: Manage Reference Equipment)Missing Authorization check in SAP S/4HANA OData Service (Manage Reference Equipment)

Risk 38
Severity
6.5
First published (updated )
CVE-2026-27677

SAP SAP S/4HANA OData Service (Manage Technical Object Structures)Missing Authorization check in SAP S/4HANA OData Service (Manage Technical Object Structures)

Risk 22
Severity
4.3
First published (updated )
CVE-2026-27676

SAP NetWeaver Application Server Java (Web Dynpro Java)Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java)

Risk 38
Severity
6.1
First published (updated )
CVE-2026-27674
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

SAP S/4HANAMissing Authorization Check in SAP S/4HANA (Private Cloud and On-Premise)

Risk 32
Severity
4.9
First published (updated )
CVE-2026-27673

SAP BusinessObjects Business Intelligence platformInsecure Session Management vulnerability in SAP BusinessObjects Business Intelligence Platform

Risk 28
Severity
4.2
First published (updated )
CVE-2026-24318

SAP SAP Supplier Relationship Management (SRM)Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)

Risk 38
Severity
6.1
First published (updated )
CVE-2026-0512

SAP NetWeaver Application Server for ABAPMissing Authorization check in SAP NetWeaver Application Server for ABAP

Risk 26
Severity
5
First published (updated )
CVE-2026-27688

SAP S/4HANA HCM PortugalMissing Authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal

Risk 32
Severity
5.8
First published (updated )
CVE-2026-27687
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

SAP Business WarehouseMissing Authorization check in SAP Business Warehouse (Service API)

Risk 42
Severity
5.9
First published (updated )
CVE-2026-27686

SAP NetWeaverSQL Injection Vulnerability in SAP NetWeaver (Feedback Notification)

Risk 39
Severity
6.4
First published (updated )
CVE-2026-27684

SAP SAP GUI for WindowsDLL Hijacking vulnerability in SAP GUI for Windows with active GuiXT

Risk 38
Severity
5
First published (updated )
CVE-2026-24317

SAP NetWeaver Application Server for ABAPServer-Side Request Forgery (SSRF) in SAP NetWeaver Application Server for ABAP

Risk 39
Severity
6.4
First published (updated )
CVE-2026-24316

SAP Solution Tools Plug-In (ST-PI)Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)

Risk 26
Severity
5
First published (updated )
CVE-2026-24313
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203