THE SAP Security Patch Day in July 2026 released 16 new security notes, with a significant fix for CVE-2026-44747, a memory corruption vulnerability in SAP NetWeaver AS ABAP (CVSS 9.9). Other critical vulnerabilities include CVE-2026-27690, affecting SAP Approuter through HTTP request smuggling (CVSS 9.1), and CVE-2026-44761 concerning insecure sample OAuth2 credentials in SAP Commerce Cloud (CVSS 9.1). The memory corruption issue could lead to serious data breaches and system downtime, emphasizing the importance of immediate patching.
SAP July 2026 Patch Tackles NetWeaver Memory Corruption Bug
CyberSIXT Evidence Panel
Article by CyberSIXT