Home/News/SAP Patches Critical NetWeaver ABAP Flaw With CVSS 9.9 Score
The Hacker News2 min read

By Interestana AI Editorial — AI-drafted, human-overseen. How we report

SAP Patches Critical NetWeaver ABAP Flaw With CVSS 9.9 Score

SAP Patches Critical NetWeaver ABAP Flaw With CVSS 9.9 Score

SAP released critical security updates on July 9, 2026, addressing multiple vulnerabilities, most notably a critical flaw in its SAP NetWeaver Application Server ABAP. This vulnerability, identified as CVE-2026-44747, carries a CVSS score of 9.9, classifying it as critical.

The flaw is an out-of-bounds write issue that, when exploited by an authenticated attacker, can trigger memory corruption. This corruption stems from logical errors in the system's memory management. Successful exploitation could lead to the exposure or modification of sensitive data within the affected SAP systems.

SAP's July 2026 security bulletin details this and other fixes, emphasizing the importance of prompt patching for maintaining system integrity and data security. The company urges customers to apply these updates as soon as possible to mitigate the risk associated with these vulnerabilities. While the specific impact can vary based on system configuration and data sensitivity, the high CVSS score indicates a significant potential for damage.

This critical patch underscores the ongoing challenges in securing complex enterprise software environments. Organizations relying on SAP solutions are advised to review the security bulletin and prioritize the deployment of the provided patches to safeguard their operations and sensitive information against potential breaches.

Original source — read the full reporting at the publisher:

Read on The Hacker News

Get the weekly AI digest

AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.

Read next