BleepingComputer ·EN-US News source Patch releasedNetWeaver Application Server ABAPApprouterCommerce Cloud
SAP warns of critical flaws in NetWeaver and Commerce Cloud
CVE Tools coverage
SAP has issued security updates addressing 16 vulnerabilities, including three critical flaws affecting its NetWeaver Application Server ABAP, Approuter, and Commerce Cloud. These include a memory corruption issue (CVE-2026-44747), an HTTP request smuggling flaw (CVE-2026-27690), and a vulnerability due to default credentials (CVE-2026-44761). While no active exploitation has been observed, these flaws could allow unauthorized access, data manipulation, or service disruption. Users are advised to apply the latest patches immediately.