Vulnerabilities5 min read
SAP Patches CVSS 9.6 SQL Injection and RCE Flaws in S/4HANA, Commerce
SAP's May 2026 security update addresses 15 vulnerabilities, including CVE-2026-34260 SQL injection in S/4HANA and CVE-2026-34263 unauthenticated RCE in Commerce Cloud.
Marcus ChenMay 14, 2026