CVE-2026-40131 - SQL Injection vulnerability in SAP HANA Deployment Infrastructure (HDI) deploy library
CVE ID :CVE-2026-40131 Published : May 12, 2026, 2:20 a.m. | 45 minutes ago Description :SQL injection vulnerability exists in @sap/hdi-deploy package, where SQL queries are dynamically constructed using user input without proper parameterization or prepared statements. Successful exploitation
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Adaptive deterrence urged to counter India’s hostile posture
- [CYBER] CVE-2026-40137 - Cross-Site Scripting (XSS) vulnerability in Business Server Pages Application (TAF_APPLAUNCHER)
- [CYBER] CVE-2026-40136 - Denial of service (DoS) in SAP Financial Consolidation
- [CYBER] CVE-2026-40135 - OS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform
- [CYBER] CVE-2026-40134 - Missing Authorization Check in SAP Incentive and Commission Management
- [CYBER] CVE-2026-40133 - Missing Authorization check in SAP S/4HANA Condition Maintenance