Vulnerability Details CVE-2026-0500
Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope Server could execute OS commands on the victim's machine. This could completely compromising confidentiality, integrity and availability of the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.2%
CVSS Severity
CVSS v3 Score 9.6
Products affected by CVE-2026-0500
-
cpe:2.3:a:sap:introscope_enterprise_manager:10.8