Unrated severityNVD Advisory· Published Feb 10, 2026· Updated Feb 10, 2026
Information Disclosure vulnerability in SAP Commerce Cloud
CVE-2026-24321
Description
SAP Commerce Cloud exposes multiple API endpoints to unauthenticated users, allowing them to submit requests to these open endpoints to retrieve sensitive information that is not intended to be publicly accessible via the front-end. This vulnerability has a low impact on confidentiality and does not affect integrity and availability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: HY_COM 2205
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.