Back to overview

CVE-2026-44747

CRITICAL
9.9
CVSS 3.1
Description
SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and availability of the application.

Metadata

CVE ID
CVE-2026-44747
State
PUBLISHED
Assigner
sap
Reserved
2026-05-07 18:16 UTC
Published
2026-07-14 00:19 UTC
Last updated
2026-07-14 00:19 UTC
Primary CWE
CWE-787
CWE-787: Out-of-bounds Write
Vendor / Product
SAP_SE / SAP NetWeaver Application Server ABAP
Sources
cve.org  ·  NVD

Severity & Metrics

9.9 CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected products (1)
VendorProductPlatformVersions
SAP_SE SAP NetWeaver Application Server ABAP KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.53 …
Weakness (CWE)
CWESourceDescription
CWE-787 cna CWE-787: Out-of-bounds Write
CVSS scores (1)
ScoreSeverityVersionSourceVector
9.9 CRITICAL 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Back to overview