SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under ...

SAP's security updates for this month address multiple critical vulnerabilities. The most serious of them, rated with the highest severity score, affects the company's Business Client product. Two ...

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in April Fortune 500 companies are apparently at risk SAP has patched a critical ...

SAP has issued fixes for 21 newly reported security flaws across its enterprise software, including four critical vulnerabilities in NetWeaver, which underpins many of the company’s flagship ...

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...

A member of the Executive Board of SAP AG, Shai Agassi is the person most responsible for SAP's NetWeaver platform. It was Agassi who first introduced the idea of an application and integration ...

Security experts have identified a serious security vulnerability in SAP NetWeaver that allows unauthorized access to company systems. The vulnerability became known in April 2025 and specifically ...

BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual Composer Metadata Uploader Researchers claim there are 1,200 vulnerable ...

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.

SAP has published 14 security releases for the June patchday. In these, the company's developers address security vulnerabilities in various products, some of which are critical. IT managers should ...