VYPR

Human Capital Management

by SAP

CVEs (2)

  • CVE-2025-30014HigApr 8, 2025
    risk 0.50cvss 7.7epss 0.01

    SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity…

  • CVE-2026-34264MedApr 14, 2026
    risk 0.42cvss 6.5epss 0.00

    During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of…