Vulnerabilities3 min read
SAP Patches 9.9-Severity SQL Injection in BPC and Business Warehouse
CVE-2026-27681 allows low-privileged users to execute arbitrary SQL commands in SAP Business Planning and Consolidation. CVSS 9.9 - patch immediately.
Marcus ChenApr 19, 2026