We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.
The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and
suggestions.
×
Hey there! Glad you made it.
We have found 8 security advices for you to review.
3591163
CVSS
6.6
Affected system type
ABAP
Patchday
2025-12
Released on
2025/12/09
Description
[CVE-2025-42875] Missing Authentication check in SAP NetWeaver Internet Communication Framework
3662324
CVSS
6.5
Affected system type
Kernel
Patchday
2025-12
Released on
2025/12/09
Description
[CVE-2025-42904] Information Disclosure vulnerability in Application Server ABAP
3662622
CVSS
6.1
Affected system type
Java
Patchday
2025-12
Released on
2025/12/09
Description
[CVE-2025-42872] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal
3676970
CVSS
5.9
Affected system type
SAP UI5Open UI5
Patchday
2025-12
Released on
2025/12/09
Description
[CVE-2025-42873] Denial of Service (DoS) in SAPUI5 framework (Markdown-it component)
3659117
CVSS
5.5
Affected system type
ABAP
Patchday
2025-12
Released on
2025/12/09
Description
[CVE-2025-42891] Missing Authorization check in SAP Enterprise Search for ABAP
3651390
CVSS
5.4
Affected system type
BI/BO platform
Patchday
2025-12
Released on
2025/12/09
Description
[CVE-2025-42896] Server-Side Request Forgery (SSRF) in SAP BusinessObjects Business Intelligence Platform
3610322
CVSS
4.9
Affected system type
ABAP
Patchday
2025-12
Released on
2025/07/08
Description
[CVE-2025-42961] Missing Authorization check in SAP NetWeaver Application Server for ABAP
3626440
CVSS
4.3
Affected system type
ABAP
Patchday
2025-12
Released on
2025/07/08
Description
[CVE-2025-42986] Missing Authorization check in SAP NetWeaver and ABAP Platform