SecurityWeek

SAP Patches Critical Vulnerabilities With December 2025 Security Updates

SAP released 14 new security notes, including 3 addressing critical vulnerabilities in Solution Manager, Commerce Cloud, and ...
SecurityWeek

SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover

SAP has released patches for multiple insecure deserialization vulnerabilities in NetWeaver that could lead to full system compromise. Enterprise software maker SAP on Tuesday announced the release of ...

SAP fixes three critical vulnerabilities across multiple products

SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three ...
Officer

VIRTUAL FORGE NOW OFFERS ITS CODEPROFILER FOR HANA with SUPPORT OF SAPUI5

HEIDELBERG, Germany (April 18, 2018) – Virtual Forge, the leading provider of cyber security solutions for SAP®, today announced its CodeProfiler for HANA is now able to scan the SAPUI5 programming ...
Bleeping Computer

SAP fixes suspected NetWeaver zero-day exploited in attacks

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under ...
The Hacker News

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Vendors fix critical flaws across Fortinet, Ivanti, and SAP to prevent authentication bypass and remote code execution.
CSOonline

Most common SAP vulnerabilities attackers try to exploit

Unpatched vulnerabilities, common misconfigurations and hidden flaws in custom code continue to make enterprise SAP applications a target rich environment for attackers at a time when threats like ...

Three critical vulnerabilities patched by SAP - here's what we know

SAP’s December update patched 14 flaws, including three critical vulnerabilities in key products CVE‑2025‑42880 (9.9) in SAP ...