CVE-2026-0507

Name of the Vulnerable Software and Affected Versions SAP Application Server for ABAP and SAP NetWeaver RFCSDK (affected versions not specified)

Description An authenticated attacker with administrative access and adjacent network access could potentially execute arbitrary operating system commands due to an OS Command Injection issue. This is possible by uploading specially crafted content to the server, which, if processed, allows for command execution. Successful exploitation may result in a complete compromise of the system’s confidentiality, integrity, and availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.