How severe is CVE-2026-0501?

CVE-2026-0501 has a CVSS v3 score of 9.9 (CRITICAL).

CVE-2026-0501

9.9CRITICAL

Due to insufficient input validation in SAP S/4HANA Private Cloud and On-Premise (Financials General Ledger), an authenticated user could execute crafted SQL queries to read, modify, and delete backen

Published: 1/13/2026Updated: 1/13/2026

Description

Due to insufficient input validation in SAP S/4HANA Private Cloud and On-Premise (Financials General Ledger), an authenticated user could execute crafted SQL queries to read, modify, and delete backend database data. This leads to a high impact on the confidentiality, integrity, and availability of the application.

AI AnalysisPowered by AI

References

https://me.sap.com/notes/3687749
https://url.sap/sapsecuritypatchday