CVE-2026-44755
Description
SAP Business Objects BI Platform allows authenticated users to spoof emails by insufficiently validating email sending parameters.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SAP Business Objects BI Platform allows authenticated users to spoof emails by insufficiently validating email sending parameters.
Vulnerability
SAP Business Objects Business Intelligence Platform suffers from a vulnerability where it does not sufficiently validate email sending parameters supplied by authenticated users. This allows for email spoofing within the application.
Exploitation
An authenticated user can exploit this vulnerability by providing specially crafted email sending parameters. The exact steps required are not detailed in the available references.
Impact
This vulnerability has a low impact on integrity. It does not affect the confidentiality or availability of the application. The primary impact is the ability to send emails that appear to originate from a different address.
Mitigation
SAP releases security patches on a regular schedule, referred to as SAP Security Patch Day, typically on the second Tuesday of each month [1]. Customers are advised to implement these corrections promptly. Specific patch details for this vulnerability are not provided in the available references, but it is recommended to check SAP Security Notes for the latest updates and apply them as soon as possible.
AI Insight generated on Jun 9, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
2News mentions
1- SAP: Twelve Vulnerabilities Disclosed Together on June 9, 2026Vypr Intelligence · Jun 9, 2026