CVE-2026-24319 — Vulnetix

CVE-2026-24319 PUBLISHED CVSS 5.800000190734863 MEDIUM

In SAP Business One, sensitive information is written to the application�s memory dump files without obfuscation. Gaining access to this information could potentially lead to unauthorized operations within the B1 environment, including modification of company data. This issue results in a high impact on confidentiality and integrity, with no impact on availability.

EPSS 0.00% · 0.2th percentile

Risk Scores

CVSS 3.1

5.800000190734863

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

EPSS Score

0.00%

0.2th percentile

Affected Products

Vendor	Product	Versions
SAP_SE	SAP Business One (B1 Client Memory Dump Files)	B1_ON_HANA 10.0, SAP-M-BO 10.0
sap	business_one	10.0, 10.0

Exploit Intelligence

https://me.sap.com/notes/3679346 (circl)
https://url.sap/sapsecuritypatchday (circl)

Timeline

Feb 10, 2026 CVE Published
Feb 10, 2026 EPSS Score
Feb 12, 2026 EPSS Score
Feb 14, 2026 EPSS Score
Feb 16, 2026 EPSS Score
Feb 18, 2026 EPSS Score
Feb 20, 2026 EPSS Score
Feb 22, 2026 EPSS Score
Feb 24, 2026 EPSS Score
Feb 26, 2026 EPSS Score
Feb 28, 2026 EPSS Score
Mar 2, 2026 EPSS Score

References

Open in Interactive Console →