Sap netweaver application server for abap
This hub aggregates every CVE we track for Sap netweaver application server for abap, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
13
CVEs tracked
1
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM10LOW1HIGH1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
1
2
2
0
1
1
0
0
0
4
0
0
0
0
2024-082026-07
Latest CVEs
The 13 most recently published vulnerabilities affecting Sap netweaver application server for abap.
- CVE-2026-27688Missing Authorization check in SAP NetWeaver Application Server for ABAP5.0
- CVE-2026-24316Server-Side Request Forgery (SSRF) in SAP NetWeaver Application Server for ABAP6.4
- CVE-2026-24310Missing Authorization check in SAP NetWeaver Application Server for ABAP3.5
- CVE-2026-24309Missing Authorization check in SAP NetWeaver Application Server for ABAP6.4
- CVE-2025-42882Missing Authorization check in SAP NetWeaver Application Server for ABAP4.3
- CVE-2025-42908Cross-Site Request Forgery (CSRF) vulnerability in SAP NetWeaver Application Server for ABAP5.4
- CVE-2025-42942Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP6.1
- CVE-2025-42936Missing Authorization check in SAP NetWeaver Application Server for ABAP5.4
- CVE-2025-42961Missing Authorization check in SAP NetWeaver Application Server for ABAP4.9
- CVE-2025-42953Missing Authorization check in SAP NetWeaver Application Server for ABAP8.1
- CVE-2025-42989Missing Authorization check in SAP NetWeaver Application Server for ABAP9.6
- CVE-2022-26102Due to missing authorization check, SAP NetWeaver Application Server for ABAP - versions 700, 701, 702, 731, allows an authenticated attacker, to access content on the start screen of any transacti...5.4
- CVE-2018-2470In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scrip...6.1
Product normalization is registry-driven with AI assist and human review. How it works