Find notable cyber news and cases, enriched with sources, timelines, and signals.

SAP security patch release for CVE-2019-17571

Security Patch Release
First reported
Last updated
Happening score
H score 42
1 unique sources, 1 articles

Summary

Hide ▲

SAP released security updates for two critical flaws in FS-QUO and NetWeaver Enterprise Portal Administration, reducing the risk of arbitrary code execution on affected systems. The patched issues are CVE-2019-17571 and CVE-2026-27685, rated 9.8 and 9.1 respectively. One flaw is a code injection issue tied to an outdated Apache Log4j 1.2.17 artifact, while the other is an insecure deserialization weakness in uploaded content handling. Both bugs were severe enough to warrant immediate vendor fixes for affected SAP deployments.

Related Happenings

Splunk Enterprise security update for CVE-2026-20253

Security Patch Release
H score52 First: 13.06.2026 16:23 Last: 13.06.2026 16:23 Sources 1

About this happening: **Splunk** released **security updates** for **CVE-2026-20253**, fixing a critical **Splunk Enterprise** flaw that could enable unauthenticated file operations and **remote code e...

SAP June 2026 Security Patch package for NetWeaver and Commerce Cloud

Security Patch Release
H score24 First: 09.06.2026 22:36 Last: 09.06.2026 22:36 Sources 1

About this happening: **SAP** released fixes for **15 vulnerabilities** in its **June 2026 Security Patch** package, including four **critical** flaws in **SAP NetWeaver** and **SAP Commerce Cloud** th...

Nginx security patch release for CVE-2026-49975

Security Patch Release
H score42 First: 03.06.2026 22:08 Last: 03.06.2026 22:08 Sources 1

About this happening: Vendors released fixes for the **HTTP/2 Bomb** DoS issue, closing a path that could let a **single client** exhaust server memory within seconds. The patch set covers **nginx 1.29...

Ivanti security patch release for CVE-2026-8043

Security Patch Release
H score25 First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

SAP May 2026 security updates for Commerce Cloud and S/4HANA (15 vulnerabilities)

Security Patch Release
H score38 First: 12.05.2026 14:04 Last: 12.05.2026 14:04 Sources 1

About this happening: **SAP** released its **May 2026 security updates** for **15 vulnerabilities** across **Commerce Cloud**, **S/4HANA**, and other products, including **two critical flaws** that can...

Timeline

  1. 11.03.2026 14:26 2 articles · 4mo ago

    SAP releases security updates for two critical flaws

    Initial Disclosure

    SAP released security updates for SAP Quotation Management Insurance application (FS-QUO) and SAP NetWeaver Enterprise Portal Administration to address CVE-2019-17571 and CVE-2026-27685, two critical vulnerabilities that could enable arbitrary code execution on affected systems. One flaw is a code injection issue tied to an outdated Apache Log4j 1.2.17 artifact with CVSS 9.8, and the other is an insecure deserialization weakness involving uploaded content with CVSS 9.1.

    Show sources