CVE-2026-23689 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-23689 PUBLISHED CVSS 7.699999809265137 HIGH

Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control parameter. This triggers prolonged loop execution that consumes excessive system resources, potentially rendering the system unavailable. Successful exploitation results in a denial-of-service condition that impacts availability, while confidentiality and integrity remain unaffected.

EPSS 0.09% · 25.7th percentile

Risk Scores

CVSS v3.1

7.699999809265137

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS Score

0.09%

25.7th percentile

Affected Products

Vendor	Product	Versions
sap	supply_chain_management	700, 712, 702
sap	advanced_planning_and_optimization	713, 714
SAP_SE	SAP Supply Chain Management	SCMAPO 713, 714, 702

Timeline

Jan 14, 2026 CVE ID Reserved
Feb 10, 2026 CVE Published
Feb 10, 2026 EPSS Score
Feb 11, 2026 EPSS Score
Feb 13, 2026 EPSS Score
Feb 14, 2026 EPSS Score
Feb 16, 2026 EPSS Score
Feb 17, 2026 EPSS Score
Feb 19, 2026 EPSS Score
Feb 20, 2026 EPSS Score
Feb 22, 2026 EPSS Score
Feb 23, 2026 EPSS Score

References

Open in Interactive Console →