SecurityWeek

SAP Patches Critical CRM, S/4HANA, NetWeaver Vulnerabilities

SAP has released 26 new security notes, including two that address critical vulnerabilities in CRM, S/4HANA, and NetWeaver.

Patch Day SAP CRM, S/4HANA: Attackers can damage databases

Due to a bug, authenticated attackers can execute SQL statements in the context of CRM and SAP S/4HANA (Scripting Editor), thus completely compromising databases (CVE-2026-0488 “ critical ”).
Bleeping Computer

SAP fixes three critical vulnerabilities across multiple products

SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws. The most severe (CVSS score: 9.9) of all the issues is ...