Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.1
SAP NetWeaver Portal: Malicious Uploads Can Damage System
CVE-2026-27685
Summary
A security issue in SAP NetWeaver Enterprise Portal Administration could allow a privileged user to upload malicious content that harms the system. This could lead to unauthorized access, data corruption, or system crashes. Make sure to only allow trusted users to upload files to the portal and ensure all uploaded content is thoroughly reviewed.
Original title
SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentia...
Original description
SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system.
nvd CVSS3.1
9.1
Vulnerability type
CWE-502
Deserialization of Untrusted Data
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026