securityonline.info 7/14/2026, 9:11:24 AM · external

SAP July 2026 Patch Tackles NetWeaver Memory Corruption Bug

SAP July 2026 Patch Tackles NetWeaver Memory Corruption Bug
CyberSIXT Evidence Panel
Primary Source support.sap.com
CISA KEV Not in KEV
Patch Patch Status Unknown

THE SAP Security Patch Day in July 2026 released 16 new security notes, with a significant fix for CVE-2026-44747, a memory corruption vulnerability in SAP NetWeaver AS ABAP (CVSS 9.9). Other critical vulnerabilities include CVE-2026-27690, affecting SAP Approuter through HTTP request smuggling (CVSS 9.1), and CVE-2026-44761 concerning insecure sample OAuth2 credentials in SAP Commerce Cloud (CVSS 9.1). The memory corruption issue could lead to serious data breaches and system downtime, emphasizing the importance of immediate patching.

View Primary Source Via securityonline.info

Article by CyberSIXT