CVE-2026-23685

Name of the Vulnerable Software and Affected Versions SAP NetWeaver (affected versions not specified)

Description A flaw exists in SAP NetWeaver’s JMS service that could allow a locally-authenticated attacker with administrator privileges to send crafted content to the server. Processing this content by the application may lead to unintended behavior during internal logic execution, potentially resulting in a denial of service. The issue has a high impact on availability, with no impact to confidentiality or integrity. The vulnerability involves deserialization.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.