{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T15:04:36.965","vulnerabilities":[{"cve":{"id":"CVE-2026-27685","sourceIdentifier":"cna@sap.com","published":"2026-03-10T17:38:10.980","lastModified":"2026-03-11T13:53:47.157","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system."},{"lang":"es","value":"La Administración de SAP NetWeaver Enterprise Portal es vulnerable si un usuario privilegiado carga contenido no confiable o malicioso que, al deserializarse, podría resultar en un alto impacto en la confidencialidad, integridad y disponibilidad del sistema anfitrión."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}]},"weaknesses":[{"source":"cna@sap.com","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"references":[{"url":"https://me.sap.com/notes/3714585","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}