CVE-2026-0485NVD

Vulnerability Summary

SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server (CMS) to crash and automatically restart. By repeatedly submitting these requests, the attacker could induce a persistent service disruption, rendering the CMS completely unavailable. Successful exploitation results in a high impact on availability, while confidentiality and integrity remain unaffected.

Severity Level

HIGH(7.5)

Published Date

Feb 10, 2026

Last Modified

Feb 17, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.06%Probability

Root Weakness (CWE)

CWE-405: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

ScopeUnchanged

ConfidentialityNone

IntegrityNone

AvailabilityHigh

External References

https://me.sap.com/notes/3678282
https://url.sap/sapsecuritypatchday

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2026-0485NVD

Vulnerability Summary

External References