CVE-2026-27672

Description

The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of sensitive information. This vulnerability has a low impact on confidentiality and does not affect integrity and availability of the system.

References

• https://me.sap.com/notes/3703276
• https://url.sap/sapsecuritypatchday