SAP security patch release for CVE-2025-42890
Security Patch Release
Summary
SAP released its November security updates on 2025-11-11, addressing multiple vulnerabilities in SQL Anywhere Monitor, SAP Solution Manager, and NetWeaver. The bundle includes CVE-2025-42890, a 10.0-severity hardcoded-credentials flaw in the non-GUI SQL Anywhere Monitor component, and CVE-2025-42887, a 9.9-severity code-injection issue in Solution Manager. The update set also covers CVE-2025-42940, 14 medium-severity vulnerabilities, and a previously addressed CVE-2025-42944, making the release important for enterprise SAP environments.
Related Happenings
Splunk Enterprise security update for CVE-2026-20253
Security Patch Release
H score 42
First: 13.06.2026 16:23
Last: 13.06.2026 16:23
Sources 1
About this happening:
**Splunk** released **security updates** for **CVE-2026-20253**, fixing a critical **Splunk Enterprise** flaw that could enable unauthenticated file operations and **remote code e...
Fortinet security patch release for CVE-2026-25089
Security Patch Release
H score 44
First: 10.06.2026 18:10
Last: 10.06.2026 18:10
Sources 1
About this happening:
**Fortinet**, **Ivanti**, and **SAP** released **security updates** that address multiple **critical vulnerabilities** across **FortiSandbox**, **Ivanti Sentry**, and **SAP** prod...
Latest development: 11.06.2026 09:20
Shadowserver reported large-scale exploitation attempts against Internet-exposed Ivanti Sentry gateways after CVE-2026-10520 was patched in R10.5.2, R10.6.2, and R10.7.1, saying it saw 19 vulnerable instances and at least 2 backdoored systems and warning that unpatched devices were most likely compromised.
SAP June 2026 Security Patch package for NetWeaver and Commerce Cloud
Security Patch Release
H score 24
First: 09.06.2026 22:36
Last: 09.06.2026 22:36
Sources 1
About this happening:
**SAP** released fixes for **15 vulnerabilities** in its **June 2026 Security Patch** package, including four **critical** flaws in **SAP NetWeaver** and **SAP Commerce Cloud** th...
Ivanti security patch release for CVE-2026-8043
Security Patch Release
H score 25
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
SAP May 2026 security updates for Commerce Cloud and S/4HANA (15 vulnerabilities)
Security Patch Release
H score 38
First: 12.05.2026 14:04
Last: 12.05.2026 14:04
Sources 1
About this happening:
**SAP** released its **May 2026 security updates** for **15 vulnerabilities** across **Commerce Cloud**, **S/4HANA**, and other products, including **two critical flaws** that can...
Timeline
- 11.11.2025 17:38 · 2 articles · 7mo ago
SAP releases November 2025 security updates
Mitigation Patch Update
SAP released its November security updates, fixing CVE-2025-42890 in SQL Anywhere Monitor (Non-GUI), CVE-2025-42887 in SAP Solution Manager, CVE-2025-42940, 14 other medium-severity vulnerabilities, and CVE-2025-42944 in NetWeaver.
Sources:
- SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor — www.bleepingcomputer.com — 11.11.2025 17:38
- 11.11.2025 17:38 · 1 article · 7mo ago
SAP details hardcoded credentials and code injection flaws
Technical Analysis Update
CVE-2025-42890 in SQL Anywhere Monitor (Non-GUI) was described as hardcoded credentials that could expose administrative functions and give attackers the possibility of arbitrary code execution. CVE-2025-42887 in SAP Solution Manager involved missing input sanitization in a remote-enabled function module that could let an authenticated attacker insert malicious code and gain full control of the system.
Sources:
- SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor — www.bleepingcomputer.com — 11.11.2025 17:38