low2026-04-14SAP NetWeaverCVE-2026-27680

CSS Injection vulnerability in SAP NetWeaver AS ABAP

SAP NetWeaver Application Server ABAP

Our Take

Low severity, narrow version coverage. Include in your next quarterly cycle.

Vulnerability Detail

A CSS injection vulnerability in SAP NetWeaver AS ABAP that could allow style injection attacks.

Patch Action

Apply SAP Note 3665042.

Affected Versions

SAP_UI 758

816

Patch Info

CVSS Score

3.1

SAP Note

3665042 ↗

CVE

CVE-2026-27680

Published

2026-04-14

All content is editorial summary, not professional security advice. CVSS scores and SAP Note IDs are factual references. Patch timing is the responsibility of your security team based on your environment and SAP's official guidance.

← All patches