SAP Patches Critical S/4HANA Vulnerability - SecurityWeek

SAP released 15 new security notes, including four critical fixes, addressing vulnerabilities in S/4HANA, NetWeaver, and other products. Two of the critical fixes, CVE-2025-42950 and CVE-2025-42957, are code injection issues that could lead to arbitrary code execution and full system compromise. Organizations are advised to install the updates to prevent exploitation by threat actors.