CVE-2026-24309EPSS p10.5%

CVE-2026-24309CVE-2026-24309

sap / netweaver_application_server_abap

Description

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced system performance or interruptions. The vulnerability has low impact on the application's integrity and availability, with no effect on confidentiality.

Scoring

CVSS 6.4 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
EPSS0.21% probability of exploitation · percentile 10.5% · 2026-06-19T12:03:05Z
Last modified2026-06-03

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-24310
CVE
CVE-2026-0509
CVE
CVE-2026-0506
CVE
CVE-2025-0063
CVE
CVE-2025-42953
CVE
CVE-2026-27681
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.