CVE-2026-44750

4.3 MEDIUM

SAP MDG (Review Match Groups Application) does not perform the necessary authorization checks for authenticated users

Published: 2026-06-09 · Last updated: 2026-06-09

Severity and scoring

CVSS: 4.3 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CWE: CWE-862

Description

SAP MDG (Review Match Groups Application) does not perform the necessary authorization checks for authenticated users. This could allow a low-privileged user to perform actions that would otherwise be restricted, resulting in escalation of privileges. This has a low impact on integrity, while confidentiality and availability are not impacted.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-44750
[Other]https://me.sap.com/notes/3673181
[Other]https://url.sap/sapsecuritypatchday

Related CVEs

Same CWE

CVE-2026-46645 — SQLAdmin is a flexible Admin interface for SQLAlchemy models (4.3 MEDIUM)
CVE-2026-53634 — Sharp is a content management framework built for Laravel as a package (4.3 MEDIUM)
CVE-2026-0272 — A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Comm...
CVE-2026-49822 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (7.7 HIGH)
CVE-2026-49821 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (7.7 HIGH)