CVE-2026-0485 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-0485 PUBLISHED CVSS 7.5 HIGH

SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server (CMS) to crash and automatically restart. By repeatedly submitting these requests, the attacker could induce a persistent service disruption, rendering the CMS completely unavailable. Successful exploitation results in a high impact on availability, while confidentiality and integrity remain unaffected.

EPSS 0.06% · 18.8th percentile

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.06%

18.8th percentile

Affected Products

Vendor	Product	Versions
sap	businessobjects_business_intelligence_platform	430, 2025, 2027
SAP_SE	SAP BusinessObjects BI Platform	ENTERPRISE 430, 2025, 2027

Timeline

Feb 10, 2026 CVE Published
Feb 10, 2026 EPSS Score
Feb 10, 2026 PoC Published
Feb 11, 2026 EPSS Score
Feb 13, 2026 EPSS Score
Feb 14, 2026 EPSS Score
Feb 16, 2026 EPSS Score
Feb 17, 2026 EPSS Score
Feb 17, 2026 CVE Updated
Feb 19, 2026 EPSS Score
Feb 20, 2026 EPSS Score
Feb 22, 2026 EPSS Score

References

Open in Interactive Console →