CVE-2026-27685

CRITICAL WAF: Medium

CVSS 9.1 Published: 2026-03-10

CWE-502

SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system.

WAF Coverage Analysis

Insecure Deserialization Medium WAF Coverage

OWASP: A08:2021 Software and Data Integrity Failures

944xxx - Java Attack

References

me.sap.com
url.sap

Back to CVE Database