high2026-02-01Updated 2026-04-14SAP BusinessObjectsCVE-2026-0485

Denial of Service vulnerability in SAP BusinessObjects BI Platform

SAP BusinessObjects Business Intelligence Platform

Our Take

If you patched this in February you are done — the April update is textual only. If you missed it, treat it as a two-week item.

Vulnerability Detail

A Denial of Service vulnerability in the BusinessObjects BI Platform. Originally released February 2026 — this April update is a minor correction to the Symptom section of the note only, no new patch required.

Patch Action

Apply original SAP Note 3678282 if not already patched. No new action required if already applied in February.

Affected Versions

ENTERPRISE 430

2025

2027

Patch Info

Timing

🟠 Within 2 weeks

CVSS Score

7.5

SAP Note

3678282 ↗

CVE

CVE-2026-0485

Published

2026-02-01

Timing recommendations are editorial. Verify against official SAP Security Notes before acting on production systems.

← All patches