CVE-2022-22536CISA KEVEPSS p99.9%

CVE-2022-22536SAP Multiple Products HTTP Request Smuggling Vulnerability

SAP / Multiple Products

Description

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.

Scoring

EPSS97.95% probability of exploitation · percentile 99.9% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2022-08-18

(incoming)1

TypeTargetConfidenceTier
KEVEntrySAP Multiple Products HTTP Request Smuggling Vulnerabilitykev-cve-2022-225360%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-27682
CVE
CVE-2025-0066
CVE
CVE-2026-27674
CVE
CVE-2026-24316
CVE
CVE-2026-34257
CVE
CVE-2025-23186
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.