CVE-2026-0506 in NetWeaver Application Server ABAP and ABAP Platforminformación

Resumen

por MITRE • 2026-01-13

Due to a Missing Authorization Check vulnerability in Application Server ABAP and ABAP Platform, an authenticated attacker could misuse an RFC function to execute form routines (FORMs) in the ABAP system. Successful exploitation could allow the attacker to write or modify data accessible via FORMs and invoke system functionality exposed via FORMs, resulting in a high impact on integrity and availability, while confidentiality remains unaffected.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

Sap

Reservar

2025-12-09

Divulgación

2026-01-13

Moderación

aceptado

Artículo

VDB-340525

CPE

listo

CWE

CWE-862 (confirmado)

CVSS

8.1 (CNA)

EPSS

0.00074

KEV

Actividades

muy bajo

Sector

Transportation, Hostingprovider, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-0506
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-0506
CVE Details	https://www.cvedetails.com/cve/CVE-2026-0506/

◂ Anterior Visión De Conjunto Próximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!