SAP security patch release for CVE-2019-17571
Security Patch Release
Summary
SAP released security updates for two critical flaws in FS-QUO and NetWeaver Enterprise Portal Administration, reducing the risk of arbitrary code execution on affected systems. The patched issues are CVE-2019-17571 and CVE-2026-27685, rated 9.8 and 9.1 respectively. One flaw is a code injection issue tied to an outdated Apache Log4j 1.2.17 artifact, while the other is an insecure deserialization weakness in uploaded content handling. Both bugs were severe enough to warrant immediate vendor fixes for affected SAP deployments.
Related Happenings
Ivanti security patch release for CVE-2026-8043
Security Patch Release
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
SAP May 2026 security updates for Commerce Cloud and S/4HANA (15 vulnerabilities)
Security Patch Release
First: 12.05.2026 14:04
Last: 12.05.2026 14:04
Sources 1
About this happening:
**SAP** released its **May 2026 security updates** for **15 vulnerabilities** across **Commerce Cloud**, **S/4HANA**, and other products, including **two critical flaws** that can...
WolfSSL security patch release (CVE-2026-5194)
Security Patch Release
First: 13.04.2026 22:56
Last: 13.04.2026 22:56
Sources 1
About this happening:
The **wolfSSL project** released **version 5.9.1** to fix **CVE-2026-5194**, a cryptographic validation flaw that could let vulnerable deployments accept forged certificates. The...
Oracle security patch release for CVE-2026-21992
Security Patch Release
First: 21.03.2026 12:24
Last: 21.03.2026 12:24
Sources 1
About this happening:
**Oracle** released **security updates** for **CVE-2026-21992**, a critical flaw in **Identity Manager** and **Web Services Manager** that could enable **unauthenticated remote co...
Adobe PolyShell fix for Magento Open Source and Adobe Commerce
Security Patch Release
First: 19.03.2026 22:01
Last: 19.03.2026 22:01
Sources 1
About this happening:
Adobe released an **alpha** fix for **PolyShell**, but **production Magento Open Source and Adobe Commerce stable version 2** installations remain vulnerable. The update is only p...
Timeline
11.03.2026 14:26 2 articles · 2mo ago
SAP releases security updates for two critical flaws
Initial Disclosure: SAP released security updates for SAP Quotation Management Insurance application (FS-QUO) and SAP NetWeaver Enterprise Portal Administration to address CVE-2019-17571 and CVE-2026-27685, two critical vulnerabilities that could enable arbitrary code execution on affected systems. One flaw is a code injection issue tied to an outdated Apache Log4j 1.2.17 artifact with CVSS 9.8, and the other is an insecure deserialization weakness involving uploaded content with CVSS 9.1.
- Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices — thehackernews.com — 11.03.2026 14:26