CVE-2026-0495

Medium CVSS: 5.1

SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to send uploaded files to arbitrary emails which could enable effective phishing campaigns. This has low impact on confidentiality, integrity and availability of the application.

Vendor

Product

CWE

CWE-15

Yayın Tarihi

2026-01-13 02:15:51

Güncelleme

2026-01-13 14:03:18

Source Identifier

cna@sap.com

KEV Date Added

Kategoriler

CWE-15 MEDIUM 2026

Referanslar

https://me.sap.com/notes/3565506 https://url.sap/sapsecuritypatchday