CVE-2025-42929HIGH 8.1EPSS p11.9%

CVE-2025-42929CVE-2025-42929

Description

Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
EPSS0.22% probability of exploitation · percentile 11.9% · 2026-06-19T12:03:05Z
Published2025-09-09
Last modified2026-04-15

Underlying weaknesses· 1

CWE-1287

References

  1. https://me.sap.com/notes/3633002
  2. https://url.sap/sapsecuritypatchday

1

TypeTargetConfidenceTier
WeaknessImproper Validation of Specified Type of Inputcwe-12870%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-42916
CVE
CVE-2025-42983
CVE
CVE-2026-44751
CVE
CVE-2025-42957
CVE
CVE-2026-24309
CVE
CVE-2025-42953
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.