SAP July 2026 security patch day
Security Patch Release
Summary
Hide ▲
Show ▼
SAP released 19 new and updated security notes for its July 2026 security patch day, covering NetWeaver, Approuter, Commerce Cloud, and other products with fixes for critical flaws.
Related Happenings
SAP July 2026 security updates
Security Patch Release
H score31
First: 14.07.2026 14:42
Last: 14.07.2026 14:42
Sources 1
About this happening:
SAP's **July 2026 security updates** address **16 vulnerabilities** across **NetWeaver, Commerce Cloud, and AppRouter**, including **three critical flaws**. The release closes a *...
SAP July 2026 security updates
Security Patch ReleaseAbout this happening: SAP's **July 2026 security updates** address **16 vulnerabilities** across **NetWeaver, Commerce Cloud, and AppRouter**, including **three critical flaws**. The release closes a *...
Fortinet security patch release for CVE-2026-25089
Security Patch Release
H score44
First: 10.06.2026 18:10
Last: 10.06.2026 18:10
Sources 1
About this happening:
**Fortinet**, **Ivanti**, and **SAP** released **security updates** that address multiple **critical vulnerabilities** across **FortiSandbox**, **Ivanti Sentry**, and **SAP** prod...
Fortinet security patch release for CVE-2026-25089
Security Patch ReleaseAbout this happening: **Fortinet**, **Ivanti**, and **SAP** released **security updates** that address multiple **critical vulnerabilities** across **FortiSandbox**, **Ivanti Sentry**, and **SAP** prod...
Latest development: 11.06.2026 09:20
Shadowserver reported large-scale exploitation attempts against Internet-exposed Ivanti Sentry gateways after CVE-2026-10520 was patched in R10.5.2, R10.6.2, and R10.7.1, saying it saw 19 vulnerable instances and at least 2 backdoored systems and warning that unpatched devices were most likely compromised.
SAP June 2026 Security Patch package for NetWeaver and Commerce Cloud
Security Patch Release
H score24
First: 09.06.2026 22:36
Last: 09.06.2026 22:36
Sources 1
About this happening:
**SAP** released fixes for **15 vulnerabilities** in its **June 2026 Security Patch** package, including four **critical** flaws in **SAP NetWeaver** and **SAP Commerce Cloud** th...
SAP June 2026 Security Patch package for NetWeaver and Commerce Cloud
Security Patch ReleaseAbout this happening: **SAP** released fixes for **15 vulnerabilities** in its **June 2026 Security Patch** package, including four **critical** flaws in **SAP NetWeaver** and **SAP Commerce Cloud** th...
Ivanti security patch release for CVE-2026-8043
Security Patch Release
H score25
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Ivanti security patch release for CVE-2026-8043
Security Patch ReleaseAbout this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
SAP May 2026 security updates for Commerce Cloud and S/4HANA (15 vulnerabilities)
Security Patch Release
H score38
First: 12.05.2026 14:04
Last: 12.05.2026 14:04
Sources 1
About this happening:
**SAP** released its **May 2026 security updates** for **15 vulnerabilities** across **Commerce Cloud**, **S/4HANA**, and other products, including **two critical flaws** that can...
SAP May 2026 security updates for Commerce Cloud and S/4HANA (15 vulnerabilities)
Security Patch ReleaseAbout this happening: **SAP** released its **May 2026 security updates** for **15 vulnerabilities** across **Commerce Cloud**, **S/4HANA**, and other products, including **two critical flaws** that can...
Timeline
-
14.07.2026 14:17 2 articles · 2h ago
SAP releases 19 security notes for NetWeaver, Approuter, and Commerce Cloud
Initial DisclosureSAP announced 19 new and updated security notes for its July 2026 security patch day, including CVE-2026-44747 in NetWeaver Application Server ABAP (CVSS 9.9), CVE-2026-27690 in Approuter (CVSS 9.1), and CVE-2026-44761 in Commerce Cloud (CVSS 9.1). SAP customers are advised to apply the patches, use the SICF workaround for CVE-2026-44747 if needed, and audit Commerce Cloud production deployments for sample OAuth2 clients with hardcoded credentials.
Show sources
- SAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud — www.securityweek.com — 14.07.2026 14:17
- SAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud — www.securityweek.com — 14.07.2026 14:17