importantSYS.SOURCE: The Hacker News• 2026-07-14T23:47:57+05:30
SAP Addresses Critical CVSS 9.9 NetWeaver ABAP Flaw and Related Security Issues
SAP released critical security patches for a CVSS 9.9 vulnerability (CVE-2026-44747) in SAP NetWeaver ABAP, enabling unauthorized data access or modification through memory corruption. The update also addresses two other high-severity flaws, including HTTP smuggling and default credentials in SAP Commerce Cloud.
SAP has rolled out updates to address multiple vulnerabilities as part of its July 2026 security updates, including a critical flaw in SAP NetWeaver Application Server ABAP.
The vulnerability in question is CVE-2026-44747 (CVSS score: 9.9), an out-of-bounds write flaw that allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could
*** END OF TRANSMISSION ***