CVE-2026-27680

Same vendor

• CVE-2026-40135 — An OS Command Injection vulnerability exists in the SAP NetWeaver Application Server for ABAP and ABAP Platform that allows an authentica... (6.5 MEDIUM)
• CVE-2026-27682 — Due to a reflected cross-site scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Serv... (4.7 MEDIUM)
• CVE-2026-34257 — Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL tha... (6.1 MEDIUM)
• CVE-2026-27674 — Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated attacker could suppl... (6.1 MEDIUM)
• CVE-2026-27688 — Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could r... (5.0 MEDIUM)

Same CWE

• CVE-2026-49157 — Incorrect Default Permissions vulnerability in Apache ActiveMQ (8.8 HIGH)
• CVE-2026-48191 — An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules... (3.5 LOW)
• CVE-2026-48190 — An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query ... (3.5 LOW)
• CVE-2026-33590 — Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level cod...
• CVE-2026-49237 — An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199 (7.8 HIGH)