CVE-2026-27680 — Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP allows an attacker to inject custom Cascading Style Sheets (CSS) data into a web page served by the appli — CVE Database · The Intelligence Room