Skip to content
feed: live
>_ 0dayNews
CVE Record
[ CRITICAL ] CVE-2026-44747

SAP NetWeaver AS ABAP memory-corruption via logical errors in memory management

Authenticated memory-corruption in NetWeaver Application Server ABAP that NVD scored 9.9 — a logged-in attacker can leverage logical errors in memory management to read data, modify data, or take the application down. Fixed in the SAP July 2026 Security Patch Day.

cat cve-2026-44747.json
Vendor
SAP
Product
NetWeaver Application Server ABAP (see body — version details in SAP's July 2026 Security Note)
CVSS
9.9
EPSS (exploit probability)
N/A
Status
patched
Published

An authenticated memory-corruption flaw in SAP NetWeaver Application Server ABAP. NVD assigns CVSS 3.1 = 9.9, which is the top of the “critical” band for a bug that still requires the attacker to hold valid credentials — high impact on confidentiality, integrity, and availability all three.

What the flaw is (per NVD): “SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability.”

The base score sits at 9.9 rather than the unauthenticated-RCE ceiling of 10 because the attacker needs to be logged in — but 9.9 also implies the exploitation path is otherwise clean once authenticated: no user interaction, network-reachable, and the impact axes all rated high. In a NetWeaver ABAP context that “authenticated” precondition is not much of a wall; ABAP application servers hold service accounts, batch users, and RFC connections that often outnumber human accounts, and any of those in an attacker’s hands is enough.

Status: SAP fixed this on the July 2026 Security Patch Day (published 2026-07-14). No known exploitation in the wild at time of writing, per BleepingComputer’s summary of the patch day.

What to do: Apply the July 2026 SAP Security Note that references this CVE (SAP’s Support Portal is gated; the Note ID is called out in the SAP Security Patch Day landing page for authenticated customers). Until the note is applied, treat any high-value ABAP service account as one credential leak away from a 9.9-scored problem.