Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

SAP June 2026 Security Patch package for NetWeaver and Commerce Cloud

Security Patch Release
First reported
Last updated
Happening score
H score 24
1 unique sources, 1 articles

Summary

Hide ▲

SAP released fixes for 15 vulnerabilities in its June 2026 Security Patch package, including four critical flaws in SAP NetWeaver and SAP Commerce Cloud that can affect enterprise environments.

Related Happenings

Ivanti security patch release for CVE-2026-8043

Security Patch Release
H score25 First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Open Happening

SAP May 2026 security updates for Commerce Cloud and S/4HANA (15 vulnerabilities)

Security Patch Release
H score42 First: 12.05.2026 14:04 Last: 12.05.2026 14:04 Sources 1

About this happening: **SAP** released its **May 2026 security updates** for **15 vulnerabilities** across **Commerce Cloud**, **S/4HANA**, and other products, including **two critical flaws** that can...

Open Happening

SAP security patch release for CVE-2019-17571

Security Patch Release
H score26 First: 11.03.2026 14:26 Last: 11.03.2026 14:26 Sources 1

About this happening: **SAP** released security updates for **two critical flaws** in **FS-QUO** and **NetWeaver Enterprise Portal Administration**, reducing the risk of **arbitrary code execution** on...

Open Happening

Patch Tuesday multi-vendor security patch release (multiple vulnerabilities)

Security Patch Release
H score44 First: 11.02.2026 15:28 Last: 11.02.2026 15:28 Sources 1

About this happening: On **Patch Tuesday**, **software vendors** released security updates across **OS, cloud, network, and application platforms**, closing multiple flaws in widely used products and s...

Open Happening

Fortinet security patch release for CVE-2025-59718

Security Patch Release
H score31 First: 10.12.2025 06:50 Last: 10.12.2025 06:50 Sources 1

About this happening: **Fortinet**, **Ivanti**, and **SAP** released **December** security updates for **critical vulnerabilities** that could enable **authentication bypass** or **code execution** acr...

Open Happening

Timeline

  1. 09.06.2026 22:36 2 articles · 2h ago

    SAP releases June 2026 Security Patch for NetWeaver and Commerce Cloud

    Initial Disclosure

    SAP released fixes for 15 vulnerabilities in its June 2026 Security Patch package, including four critical-severity flaws affecting SAP NetWeaver and SAP Commerce Cloud. The highest-risk issues include CVE-2026-44748, an XML Signature Wrapping flaw that can enable SAML authentication bypass in SAP NetWeaver AS ABAP and ABAP Platform; CVE-2026-27671, a memory corruption flaw in SAP NetWeaver/ABAP Platform Application Server ABAP that can be triggered without authentication through crafted RFC requests; CVE-2026-22732, a Spring Security-related vulnerability affecting SAP Commerce Cloud and SAP Data Hub; and CVE-2026-40128, a directory traversal vulnerability in SAP NetWeaver Application Server Java's Web Container. SAP also addressed two high-severity issues, CVE-2026-29145 and CVE-2026-44751, and recommends that organizations using the impacted products prioritize patching.

    Show sources
    Open in new tab