How severe is CVE-2026-0501?

CVE-2026-0501 has a CVSS v3 score of 9.9 (CRITICAL).

CVE-2026-0501

9.9CRITICAL

Due to insufficient input validation in SAP S/4HANA Private Cloud and On-Premise (Financials General Ledger), an authenticated user could execute crafted SQL queries to read, modify, and delete backen

Veröffentlicht: 1/13/2026Aktualisiert: 1/13/2026

Beschreibung

Due to insufficient input validation in SAP S/4HANA Private Cloud and On-Premise (Financials General Ledger), an authenticated user could execute crafted SQL queries to read, modify, and delete backend database data. This leads to a high impact on the confidentiality, integrity, and availability of the application.

KI-AnalyseKI-gestützt

Referenzen

https://me.sap.com/notes/3687749
https://url.sap/sapsecuritypatchday