{"vulnerability": "cve-2026-40128", "sightings": [{"uuid": "43497770-e147-463b-98a5-b4c9a17c0e1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40128", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116717913644166220", "content": "\ud83d\udea8 CVE-2026-40128: CRITICAL path traversal in SAP NetWeaver AS Java (ENGINEAPI 7.50). Unauthenticated attackers can access/modify files or disrupt services. No patch yet \u2014 restrict access & monitor SAP advisories. https://radar.offseq.com/threat/cve-2026-40128-cwe-35-path-traversal-in-sapse-sap--7b0cc1b3 #OffSeq #SAP #Infosec #Vuln", "creation_timestamp": "2026-06-09T03:02:42.968640Z"}, {"uuid": "0c3d0864-4e32-433e-b038-80b6a161698b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40128", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mntaig6tyr2h", "content": "CVE-2026-40128 - Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container)\nCVE ID : CVE-2026-40128\n \n Published : June 9, 2026, 1:16 a.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : SAP NetWeaver Application Server Java (Web Container) allows an ...", "creation_timestamp": "2026-06-09T03:20:44.516074Z"}, {"uuid": "7015e1e8-c74d-4a31-9680-5259c8863480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-40128", "type": "seen", "source": "https://www.acn.gov.it/portale/w/sap-security-patch-day-17", "content": "", "creation_timestamp": "2026-06-09T01:20:31.000000Z"}]}