CVE-2026-44747 PUBLISHED

Memory Corruption vulnerability in SAP NetWeaver Application Server ABAP

Assigner: sap
Reserved: 07.05.2026 Published: 14.07.2026 Updated: 14.07.2026

SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and availability of the application.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS Score: 9.9

Product Status

Vendor SAP_SE
Product SAP NetWeaver Application Server ABAP
Versions Default: unaffected
  • Version KRNL64NUC 7.22 is affected
  • Version 7.22EXT is affected
  • Version KRNL64UC 7.22 is affected
  • Version 7.53 is affected
  • Version KERNEL 7.22 is affected
  • Version 7.53. 7.54 is affected
  • Version 7.77 is affected
  • Version 7.89 is affected
  • Version 7.93 is affected
  • Version 9.16 is affected
  • Version 9.18 is affected
  • Version 9.19 is affected
  • Version 9.20 is affected

References

Problem Types