We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.
The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and
suggestions.
×
Hey there! Glad you made it.
We have found 8 security advices for you to review.
3681523
CVSS
6.4
Affected system type
ABAP
Patchday
2026-01
Released on
2026/01/13
Description
[CVE-2026-0503] Missing Authorization check in SAP ERP Central Component and SAP S/4HANA (SAP EHS Management)
3687372
CVSS
6.1
Affected system type
Java
Patchday
2026-01
Released on
2026/01/13
Description
[CVE-2026-0499] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal
3666061
CVSS
6.1
Affected system type
SAP Business Connector
Patchday
2026-01
Released on
2026/01/13
Description
[CVE-2026-0514] Cross-Site Scripting (XSS) vulnerability in SAP Business Connector
3638716
CVSS
4.7
Affected system type
ABAP
Patchday
2026-01
Released on
2026/01/13
Description
[CVE-2026-0513] Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)
3677111
CVSS
4.3
Affected system type
ABAP
Patchday
2026-01
Released on
2026/01/13
Description
[CVE-2026-0497] Missing Authorization check in Business Server Pages Application (Product Designer Web UI)
3122486
CVSS
4.3
Affected system type
ABAP
Patchday
2026-01
Released on
2026/01/27
Description
[CVE-2026-23683] Missing Authorization check in SAP Fiori App (Intercompany Balance Reconciliation)
3655227
CVSS
4.3
Affected system type
ABAP
Patchday
2026-01
Released on
2026/01/13
Description
[CVE-2026-0494] Information Disclosure vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)
3655229
CVSS
4.3
Affected system type
ABAP
Patchday
2026-01
Released on
2026/01/13
Description
[CVE-2026-0493] Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)