Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. This vulnerability has a high impact on integrity of the application with no effect on the confidentiality and availability.

References 

https://me.sap.com/notes/3672622

https://url.sap/sapsecuritypatchday

https://nvd.nist.gov/vuln/detail/CVE-2026-0484