CVE-2026-34257

MEDIUM CVSS 6.1 View on NVD ↗

Description

Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the application with no impact on availability.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

https://me.sap.com/notes/3692004
https://url.sap/sapsecuritypatchday

Published: Apr 14, 2026 01:16 UTC Modified: Apr 14, 2026 01:16 UTC