CYBERHAWK / CVE / CVE-2026-44748

CVE-2026-44748

CRITICAL CVSS 9.9 other

The flaw

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tamper

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-44748

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

In the news

SAP fixes critical flaws in NetWeaver and Commerce CloudBleepingComputer · 2026-06-09
SAP Security Patch Day June 2026: Critical CVE-2026-44748 SAML Flaw Could Allow Full Authentication BypassSOCRadar® Cyber Intelligence Inc. · 2026-06-10
Warning: SAP Addresses Critical Vulnerabilities Affecting Multiple SAP products, Patch Immediately!Centre for Cybersecurity Belgium · 2026-06-09

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits