{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T14:05:18.183","vulnerabilities":[{"cve":{"id":"CVE-2026-0496","sourceIdentifier":"cna@sap.com","published":"2026-01-13T02:15:51.990","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges  to upload any file (including script files) without proper file format validation. This has low impact on confidentiality, integrity and availability of the application."},{"lang":"es","value":"La aplicación SAP Fiori Reconciliación de Saldos Intercompañía permite a un atacante con privilegios elevados subir cualquier archivo (incluyendo archivos de script) sin una validación adecuada del formato de archivo. Esto tiene un bajo impacto en la confidencialidad, integridad y disponibilidad de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":3.7}]},"weaknesses":[{"source":"cna@sap.com","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://me.sap.com/notes/3565506","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}