VYPR

Sap Netweaver (jms Service)

by SAP

CVEs (2)

  • CVE-2026-23685Feb 10, 2026
    risk 0.00cvss epss 0.00

    Due to a Deserialization vulnerability in SAP NetWeaver (JMS service), an attacker authenticated as an administrator with local access could submit specially crafted content to the server. If processed by the application, this content could trigger unintended behavior during…

  • CVE-2025-42911Sep 9, 2025
    risk 0.00cvss epss 0.00

    SAP NetWeaver (Service Data Download) allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. This leads to a low impact on confidentiality, with no effect on the integrity and…