Patch Tuesday

CVE-2026-27681 allows low-privileged users to execute arbitrary SQL commands in SAP Business Planning and Consolidation. CVSS 9.9 - patch immediately.

Microsoft's April 2026 Patch Tuesday fixes 167 vulnerabilities including CVE-2026-32201, an actively exploited SharePoint zero-day. Eight critical RCE flaws patched.

Microsoft's March 2026 Patch Tuesday addresses 83 vulnerabilities including two publicly disclosed zero-days in SQL Server and .NET. Eight flaws rated Critical.

Microsoft's February 2026 Patch Tuesday fixes 59 flaws including six actively exploited zero-days. CrowdStrike confirmed CVE-2026-21533 was used in attacks targeting US and Canada since December.

KB5074109 update causing UNMOUNTABLE_BOOT_VOLUME errors on some Windows 11 devices. Physical machines affected; VMs appear unimpacted.

January 2026 Patch Tuesday addresses CVE-2026-20805, an info disclosure bug already under attack. CISA gives feds until February 3 to patch.

January 2026 Patch Day addresses 17 flaws including four HotNews vulnerabilities. CVE-2026-0501 allows authenticated attackers to compromise S/4HANA financial systems.