CVE-2025-42999

⚠ KEVEPSS 66.4%

SAP NetWeaver Deserialization Vulnerability

Added to CISA KEV: 5/15/2025

Description

SAP NetWeaver Visual Composer Metadata Uploader contains a deserialization vulnerability that allows a privileged attacker to compromise the confidentiality, integrity, and availability of the host system by deserializing untrusted or malicious content.

Affected packages (0)

No package mapping in OSV.