Patch Day SAP CRM, S/4HANA: Attackers can damage databases

Due to a bug, authenticated attackers can execute SQL statements in the context of CRM and SAP S/4HANA (Scripting Editor), thus completely compromising databases (CVE-2026-0488 “ critical ”).
dbta

Addressing SAP’s SQL Injection Attacks and Directory Traversal Vulnerabilities

SAP platforms, used by 99 of the Fortune 100 companies and with over 280 million cloud subscribers worldwide, are among the most reliable business applications. As SAP administrators, your role in ...