SAP fixes critical flaws in NetWeaver and Commerce Cloud

SAP has released fixes for 15 vulnerabilities as part of its June 2026 Security Patch package, including four ...
SecurityWeek

SAP Patches Critical NetWeaver, Commerce Vulnerabilities

SAP has released 15 new security notes, including four addressing critical-severity vulnerabilities in NetWeaver and Commerce ...
CSO Online

June Patch Tuesday marks a ‘new normal’ with over 200 CVEs, 32 rated ‘critical’

AI discovery is increasing the count of zero days and other CVEs, so enterprises should prepare for larger Patch Tuesdays in ...
CSOonline

SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.
Bleeping Computer

Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. SAP ...
heise online

SAP Patchday: NetWeaver products are vulnerable to malware attacks

On Patchday in July, SAP developers closed a total of five "critical" security vulnerabilities. In the worst case scenario, malicious code can compromise systems. So far, there are no indications that ...