Cyber Security News

SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA

BleepingComputer
SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA

SAP’s May 2026 security updates fix 15 vulnerabilities across its product lineup, including critical issues in Commerce Cloud and S/4HANA. The flaws include unauthenticated code execution and SQL injection, while SAP also recently faced a supply-chain compromise involving official npm packages. #SAP #CommerceCloud #S4HANA #CVE-2026-34263 #CVE-2026-34260

Keypoints

  • SAP patched 15 vulnerabilities in its May 2026 security release.
  • CVE-2026-34263 in Commerce Cloud can allow unauthenticated code execution.
  • CVE-2026-34260 in S/4HANA enables low-complexity SQL injection attacks.
  • The advisory also fixes command injection, XSS, CSRF, and denial-of-service issues.
  • SAP recently dealt with a supply-chain attack against official npm packages.

Read More: https://www.bleepingcomputer.com/news/security/sap-fixes-critical-vulnerabilities-in-commerce-cloud-and-s-4hana/

SHARE THIS STORY

WhatsAppX (Twitter)TelegramBlueskyFacebookLinkedInThreadsEmailPrint