VDB

CVE-2026-0492

CVE-2026-0492 PUBLISHED CVSS 8.800000190734863 HIGH

SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system�s confidentiality, integrity, and availability.

EPSS 0.08% · 22.8th percentile

Risk Scores

CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.08%
22.8th percentile

Affected Products

VendorProductVersions
SAP_SESAP HANA databaseHDB 2.00, HDB 2.00
saphana_database2.00, 2.00

Timeline

  • Jan 13, 2026 EPSS Score
  • Jan 13, 2026 CVE Published
  • Jan 13, 2026 PoC Published
  • Jan 13, 2026 PoC Published
  • Jan 13, 2026 PoC Published
  • Jan 13, 2026 PoC Published
  • Jan 13, 2026 PoC Published
  • Jan 16, 2026 EPSS Score
  • Jan 19, 2026 EPSS Score
  • Jan 22, 2026 EPSS Score
  • Jan 25, 2026 EPSS Score
  • Jan 27, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›