SAP patches critical NetWeaver and Commerce Cloud flaws
π SAP released its June 2026 security update addressing 15 vulnerabilities, including four critical issues affecting SAP NetWeaver and SAP Commerce Cloud. The critical flaws include XML Signature Wrapping (CVE-2026-44748), a memory corruption bug (CVE-2026-27671), a Spring Security-related issue (CVE-2026-22732), and a directory traversal in the Java web container (CVE-2026-40128). Organizations should prioritize patching these high-impact defects immediately.
