CVE-2026-40136 — SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromise — CVE Database · The Intelligence Room