low2026-04-14SAP NetWeaverCVE-2026-27680

CSS Injection vulnerability in SAP NetWeaver AS ABAP

SAP NetWeaver Application Server ABAP

Our Take

Low severity, narrow version coverage. Include in your next quarterly cycle.

Vulnerability Detail

A CSS injection vulnerability in SAP NetWeaver AS ABAP that could allow style injection attacks.

Patch Action

Apply SAP Note 3665042.

Affected Versions

SAP_UI 758
816

Patch Info

Timing

🟡 Next patch window

CVSS Score

3.1

SAP Note

3665042

CVE

CVE-2026-27680

Published

2026-04-14

Timing recommendations are editorial. Verify against official SAP Security Notes before acting on production systems.
← All patches