SAP warns of critical flaws in NetWeaver and Commerce Cloud
ID: 4ac32158-0168-5880-a8c7-3d70c56c5aa3
STIX ID: report--4ac32158-0168-5880-a8c7-3d70c56c5aa3
Feed Name: Bleeping Computer
Threat Score
SAP released July 2026 security updates fixing 16 vulnerabilities—three critical (NetWeaver memory corruption CVE-2026-44747, AppRouter HTTP request smuggling CVE-2026-27690, and Commerce Cloud default-credentials CVE-2026-44761)—alongside multiple high and medium severity fixes; there is no evidence the newly patched issues have been exploited, though past supply-chain compromises and CISA Known Exploited Vulnerabilities entries increase risk for affected organizations.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
