CVE Tools
Back to feed
BleepingComputer ·EN-US News source Patch releasedNetWeaver Application Server ABAPApprouterCommerce Cloud

SAP warns of critical flaws in NetWeaver and Commerce Cloud

By Sergiu Gatlan··2 min read
CVE Tools coverage

SAP has issued security updates addressing 16 vulnerabilities, including three critical flaws affecting its NetWeaver Application Server ABAP, Approuter, and Commerce Cloud. These include a memory corruption issue (CVE-2026-44747), an HTTP request smuggling flaw (CVE-2026-27690), and a vulnerability due to default credentials (CVE-2026-44761). While no active exploitation has been observed, these flaws could allow unauthorized access, data manipulation, or service disruption. Users are advised to apply the latest patches immediately.