CVE-2026-40136

Description

SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity of the data

References

• https://me.sap.com/notes/3713521
• https://url.sap/sapsecuritypatchday