Find notable cyber news and cases, enriched with sources, timelines, and signals.

SAP July 2026 security updates

Security Patch Release
First reported
Last updated
Happening score
H score 31
1 unique sources, 1 articles

Summary

Hide ▲

SAP's July 2026 security updates address 16 vulnerabilities across NetWeaver, Commerce Cloud, and AppRouter, including three critical flaws. The release closes a memory-corruption issue in NetWeaver AS ABAP, an HTTP request smuggling flaw in Approuter, and a default-credentials problem in Commerce Cloud. The patch bundle reduces risk of unauthorized data access, data modification, and denial of service in core SAP environments.

Related Happenings

SAP July 2026 security patch day

Security Patch Release
H score40 First: 14.07.2026 14:17 Last: 14.07.2026 14:17 Sources 1

About this happening: **SAP** released **19 new and updated security notes** for its **July 2026 security patch day**, covering **NetWeaver**, **Approuter**, **Commerce Cloud**, and other products with...

Fortinet security patch release for CVE-2026-25089

Security Patch Release
H score44 First: 10.06.2026 18:10 Last: 10.06.2026 18:10 Sources 1

About this happening: **Fortinet**, **Ivanti**, and **SAP** released **security updates** that address multiple **critical vulnerabilities** across **FortiSandbox**, **Ivanti Sentry**, and **SAP** prod...

Latest development: 11.06.2026 09:20

Shadowserver reported large-scale exploitation attempts against Internet-exposed Ivanti Sentry gateways after CVE-2026-10520 was patched in R10.5.2, R10.6.2, and R10.7.1, saying it saw 19 vulnerable instances and at least 2 backdoored systems and warning that unpatched devices were most likely compromised.

SAP June 2026 Security Patch package for NetWeaver and Commerce Cloud

Security Patch Release
H score24 First: 09.06.2026 22:36 Last: 09.06.2026 22:36 Sources 1

About this happening: **SAP** released fixes for **15 vulnerabilities** in its **June 2026 Security Patch** package, including four **critical** flaws in **SAP NetWeaver** and **SAP Commerce Cloud** th...

Ivanti security patch release for CVE-2026-8043

Security Patch Release
H score25 First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

SAP May 2026 security updates for Commerce Cloud and S/4HANA (15 vulnerabilities)

Security Patch Release
H score38 First: 12.05.2026 14:04 Last: 12.05.2026 14:04 Sources 1

About this happening: **SAP** released its **May 2026 security updates** for **15 vulnerabilities** across **Commerce Cloud**, **S/4HANA**, and other products, including **two critical flaws** that can...

Timeline

  1. 14.07.2026 14:42 2 articles · 2h ago

    SAP patches 16 vulnerabilities in July 2026 security updates

    Initial Disclosure

    SAP issued July 2026 security updates for 16 vulnerabilities across NetWeaver, Commerce Cloud, SAP Approuter, and other products, including CVE-2026-44747 in NetWeaver AS ABAP, CVE-2026-27690 in SAP Approuter on SAP BTP, and CVE-2026-44761 in SAP Commerce Cloud. SAP says the flaws can enable unauthorized data access or modification, system unavailability, and denial of service, and it has not found evidence that the patched issues were exploited in attacks.

    Show sources