CVE-2026-27685

Critical CVSS: 9.1

SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system.

Vendor

Product

CWE

CWE-502

Yayın Tarihi

2026-03-10 17:38:10

Güncelleme

2026-03-11 13:53:47

Source Identifier

cna@sap.com

KEV Date Added

Kategoriler

CWE-502 CRITICAL 2026

Referanslar

https://me.sap.com/notes/3714585 https://url.sap/sapsecuritypatchday