Sap — community ground truth

3 notable / known-exploited Sap CVEs the community has triaged.

ⓘ Not an exhaustive list — we focus on the findings that matter (exploited / notable). For every Sap CVE, see NVD ↗.

CVE-2025-31324CVSS 10KEVEPSS 99%
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
CVE-2017-12637CVSS 7.5KEVEPSS 95%
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.
CVE-2016-2388CVSS 5.3KEVEPSS 52%
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.