Description
Due to improper memory management in SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker could exploit logical errors in memory management by supplying specially crafted input containing unique characters, which are improperly converted. This may result in memory corruption and the potential leakage of memory content. Successful exploitation of this vulnerability would have a low impact on the confidentiality of the application, with no effect on its integrity or availability.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
- Attack Vector
- network
- Complexity
- high
- Privileges
- low
- User Action
- none
- Scope
- unchanged
- Confidentiality
- low
- Integrity
- none
- Availability
- none
- Weaknesses
- CWE-113CWE-787
Metadata
- Primary Vendor
- SAP
- Published
- 2/10/2026
- Last Modified
- 2/17/2026
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
sap : netweaver_as_abap_kernelsap : netweaver_as_abap_kernelsap : netweaver_as_abap_kernelsap : netweaver_as_abap_kernelsap : netweaver_as_abap_kernelsap : netweaver_as_abap_kernelsap : netweaver_as_abap_kernelsap : netweaver_as_abap_kernelsap : netweaver_as_abap_krnl64nucsap : netweaver_as_abap_krnl64nucsap : netweaver_as_abap_krnl64uc
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.