Hana database
This hub aggregates every CVE we track for Hana database, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
2
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM3CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 8 most recently published vulnerabilities affecting Hana database.
- CVE-2026-0492Privilege escalation vulnerability in SAP HANA database8.8
- CVE-2023-40309Missing Authorization check in SAP CommonCryptoLib9.8
- CVE-2023-40308Memory Corruption vulnerability in SAP CommonCryptoLib7.5
- CVE-2021-21474SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to t...6.5
- CVE-2020-26834SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer tok...5.4
- CVE-2019-0350SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service7.5
- CVE-2018-2424SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Softwar...9.8
- CVE-2017-16687The user self-service tools of SAP HANA extended application services, classic user self-service, a part of SAP HANA Database versions 1.00 and 2.00, can be misused to enumerate valid and invalid u...5.3
Product normalization is registry-driven with AI assist and human review. How it works