VDB
CVE-2026-0492
CVE-2026-0492
PUBLISHED
CVSS 8.800000190734863 HIGH
SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system�s confidentiality, integrity, and availability.
EPSS 0.08% · 22.8th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.08%
22.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SAP_SE | SAP HANA database | HDB 2.00, HDB 2.00 |
| sap | hana_database | 2.00, 2.00 |
Timeline
- Jan 13, 2026 EPSS Score
- Jan 13, 2026 CVE Published
- Jan 13, 2026 PoC Published
- Jan 13, 2026 PoC Published
- Jan 13, 2026 PoC Published
- Jan 13, 2026 PoC Published
- Jan 13, 2026 PoC Published
- Jan 16, 2026 EPSS Score
- Jan 19, 2026 EPSS Score
- Jan 22, 2026 EPSS Score
- Jan 25, 2026 EPSS Score
- Jan 27, 2026 CVE Updated