{"vulnerability": "CVE-2026-27671", "sightings": [{"uuid": "63129d51-21f9-4a0d-bd66-caf6d2d49c5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mntb2d6qye2p", "content": "CVE-2026-27671 - Memory Corruption vulnerability in Application Server ABAP of SAP NetWeaver and ABAP Platform\nCVE ID : CVE-2026-27671\n \n Published : June 9, 2026, 1:16 a.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : Due to improper RFC protocol validation in the SAP Kernel use...", "creation_timestamp": "2026-06-09T03:30:45.499925Z"}, {"uuid": "bcf371ec-b91e-419c-a24d-91ed4b943f52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-27671", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mntef2rvqs2f", "content": "CRITICAL: Stack-based buffer overflow in SAP NetWeaver & ABAP Platform (CVE-2026-27671). No patch yet \u2014 restrict RFC network access & watch advisories. https://radar.offseq.com/threat/cve-2026-27671-cwe-121-stack-based-buffer-overflow-4df15939 #OffSeq #SAP #Security", "creation_timestamp": "2026-06-09T04:30:27.488020Z"}, {"uuid": "9e50683f-57bd-429f-97b6-a3c6f8378852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-27671", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116718267569609549", "content": "\ud83d\udea8 CRITICAL: CVE-2026-27671 affects SAP NetWeaver & ABAP Platform (multiple versions). Stack-based buffer overflow via RFC, unauthenticated remote exploitation. No patch yet \u2014 restrict RFC access & monitor advisories. https://radar.offseq.com/threat/cve-2026-27671-cwe-121-stack-based-buffer-overflow-4df15939 #OffSeq #SAP #Vuln", "creation_timestamp": "2026-06-09T04:30:30.521387Z"}, {"uuid": "5cfc0b64-4f30-442c-8011-e64ad2132d63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6xfl2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:58.786467Z"}, {"uuid": "6b82f393-ad9d-4a60-b9a7-d31980fdce31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnu76qz3un2z", "content": "\ud83d\udd17 CVE : CVE-2025-68161, CVE-2026-22732, CVE-2026-24315, CVE-2026-27671, CVE-2026-29145, CVE-2026-40128, CVE-2026-44743, CVE-2026-44744, CVE-2026-44746, CVE-2026-44748, CVE-2026-44750, CVE-2026-44751, CVE-2026-44754, CVE-2026-44755, CVE-2026-44757", "creation_timestamp": "2026-06-09T12:30:08.667333Z"}, {"uuid": "010bce3e-43d5-4fd5-8e86-d6fb97cb9a52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6vh32y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:55.586813Z"}, {"uuid": "f2578447-b82b-4125-892f-2cd05e1a6ad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6wgd2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:57.197682Z"}, {"uuid": "19ee55ec-ece3-4ac9-8581-751d44d701a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6yeu2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:53:01.487322Z"}, {"uuid": "6fb29b12-dca2-47bd-8756-1921b2292679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://www.acn.gov.it/portale/w/sap-security-patch-day-17", "content": "", "creation_timestamp": "2026-06-09T01:20:31.000000Z"}, {"uuid": "a162eeb4-9f58-4228-b109-de83be46e5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mnuedbrrtf2u", "content": "CVE-2026-27671 - Critical memory corruption in SAP NetWeaver/ABAP Platform via crafted RFC request. Unauthenticated RCE risk. CVSS 9.8. No patch yet. Isolate affected systems immediately. #CVE #SAP #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-27671/", "creation_timestamp": "2026-06-09T14:02:07.030534Z"}, {"uuid": "6dd0958c-3a69-42f3-9651-45d66bb9b3da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6lol2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:38.981408Z"}, {"uuid": "b983d688-a079-46ef-822b-3f88a0054cd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6uht2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:54.183928Z"}, {"uuid": "c7cff16b-48b4-4ed1-9e33-66a4839cbc6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6xfm2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:53:00.197501Z"}, {"uuid": "d5b2ce8e-c0ea-4db0-b4fc-b44accdde597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6sjd2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:40.290236Z"}, {"uuid": "78ff6cda-7a1e-45b7-8996-f2f2302d2444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6til2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:41.631432Z"}, {"uuid": "c844e389-3db6-4701-aeb2-16220603bfcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27671", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnv67dcpyh2j", "content": "SAP's June 2026 patch fixes 15 flaws, including 4 critical issues in NetWeaver and Commerce Cloud. CVE-2026-44748 and CVE-2026-27671 may enable auth bypass, memory corruption, and directory traversal. #SAP #NetWeaver #CommerceCloud", "creation_timestamp": "2026-06-09T21:45:12.307949Z"}]}