CVE-2026-0500 CRITICAL

CVE-2026-0500: Remote code execution in SAP Wily Introscope Enterprise Manager (WorkStation)

Vendor Sap_Se
Product SAP Wily Introscope Enterprise Manager (WorkStation)
Weakness CWE-94 · Code injection
Published January 13, 2026
Last update January 13, 2026

CVSS base score

9.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope Server could execute OS commands on the victim's machine. This could completely compromising confidentiality, integrity and availability of the system.

Key dates

02Disclosure timeline

January 13, 2026 CVE published
January 13, 2026 Record updated