Advertisement

FortiSandbox Command Injection (CVE-2026-25089) & Critical Vendor Patches
Critical patches from Fortinet, Ivanti, and SAP address vulnerabilities including CVE-2026-25089 (FortiSandbox command injection), enabling RCE and info disclosure.
SAP NetWeaver & Commerce Cloud: Urgent Critical Patches Released
SAP addresses 15 vulnerabilities, including four critical flaws in NetWeaver AS Java and Commerce Cloud, requiring immediate patching to prevent remote exploitation.
SAP NetWeaver and Commerce CVE-2024-21733 Mitigation Guide
SAP releases January 2024 security updates addressing critical vulnerabilities in BusinessObjects, NetWeaver, and Commerce Cloud. Patch now to prevent RCE.
SAP S/4HANA and Commerce Cloud Critical Vulnerabilities — Patch Now
SAP addresses critical vulnerabilities in S/4HANA and Commerce Cloud, including a 9.8 CVSS authentication bypass and SSRF risks. Implement patches immediately.
SAP Commerce Cloud and S/4HANA Critical Vulnerabilities - Patch Now
SAP May 2024 updates address critical vulnerabilities in Commerce Cloud and S/4HANA. Learn how to mitigate RCE and SSRF risks to protect enterprise ERP systems.

TeamPCP Targets SAP npm Packages: Mini Shai-Hulud Supply Chain Attack
TeamPCP broadens supply chain attacks, compromising npm packages in SAP's cloud development ecosystem with the 'Mini Shai-Hulud' malicious code injection.
Official SAP npm Packages Compromised in TeamPCP Supply Chain Attack
Attackers compromised official SAP npm packages to exfiltrate developer credentials and tokens. Learn how to detect and remediate this supply chain threat.

SAP CVE-2026-27681: Critical SQL Injection Vulnerability Patch Guidance
April Patch Tuesday addresses a critical 9.9 CVSS SQL injection vulnerability in SAP Business Warehouse and updates for Microsoft, Adobe, and Fortinet.