<0.1% probability · 16.5th percentile — 2026-05-12
Affected versions
SAP Business Planning and Consolidation, SAP Business Warehouse (unpatched vulnerable versions)
Summary
This vulnerability is caused by insufficient authorization checks in affected SAP enterprise applications. An authenticated attacker can execute crafted SQL statements to read, modify, and delete arbitrary database data. Successful exploitation compromises the full confidentiality, integrity, and availability of the affected system.
Remediation
Apply official security patches released by SAP for this vulnerability immediately. Restrict network access to affected components to only trusted users until patching is completed. Audit database logs for signs of unauthorized access or modification.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.