Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3733 articles · 175915 vulns · 37/41 feeds (7d)
← Back to list
9.9
CVE-2026-44747EXPLOITED
sap · sap netweaver application server abap

Memory Corruption vulnerability in SAP NetWeaver Application Server ABAP

Description

A vulnerability identified as critical has been detected in SAP NetWeaver Application Server ABAP up to KRNL64UC 7.22. This impacts an unknown function. The manipulation leads to out-of-bounds write.

Affected Products

VendorProductVersions
sapsap netweaver application server abapKRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.53, KERNEL 7.22, 7.53. 7.54, 7.77, 7.89, 7.93, 9.16, 9.18, 9.19, 9.20

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
sapsap softwarecert_advisory90%

References

  • https://me.sap.com/notes/3747367
  • https://url.sap/sapsecuritypatchday

Related News (6 articles)

Tier D
The Hacker News2h ago
SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data
→ No new info (linked only)
Tier B
CCCS Canada7h ago
SAP security advisory – July 2026 monthly rollup (AV26-690)
→ No new info (linked only)
Tier D
SecurityWeek9h ago
SAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud
→ No new info (linked only)
Tier B
BSI Advisories10h ago
[NEU] [hoch] SAP Patch Day Juli 2026
→ No new info (linked only)
Tier D
Heise Security12h ago
SAP-Patchday: Teils kritische Sicherheitslücken in mehreren Produkten gefixt
→ No new info (linked only)
Tier C
VulDB16h ago
CVE-2026-44747 | SAP NetWeaver Application Server ABAP up to KRNL64UC 7.22 out-of-bounds write
→ No new info (linked only)
CVSS 3.19.9 CRITICAL
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CISA KEV❌ No
Actively exploited✅ Yes
CWECWE-787
PublishedJul 14, 2026
Last enriched6h agov3
Trending Score76
Source articles6
Independent6
Info Completeness9/14
Missing: epss, kev, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

CRITICALCVE-2026-44761EXP
Insecure Sample Credentials in SAP Commerce Cloud
Trending: 62
CRITICALCVE-2026-44745EXP
Open Redirect vulnerability in SAP Approuter
Trending: 62
HIGHCVE-2026-44752EXP
Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java(Configuration Wizard)
Trending: 59
CRITICALCVE-2026-40128
Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container)
Trending: 59
MEDIUMCVE-2026-44768EXP
Security misconfiguration in SAP CRM (WebClient UI)
Trending: 52

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 14, 2026
Actively Exploited
Jul 14, 2026
Exploit Available
Jul 14, 2026
Discovered by ZDM
Jul 14, 2026
Updated: description
Jul 14, 2026
Updated: exploitAvailable, activelyExploited
Jul 14, 2026

Version History

v3
Last enriched 6h ago
v3Tier B6h ago

Updated affected versions to include 7.22EXT and marked exploit availability and active exploitation status as true.

exploitAvailableactivelyExploited
via CCCS Canada
v2Tier C15h ago

Updated description with new technical details, specified affected version KRNL64UC 7.22, and corrected exploit availability status.

description
via VulDB
v119h ago

Initial creation