At the end of April, SAP had to close a critical security gap in Netweaver. Ransomware groups are now also attacking the leak. The critical vulnerability in SAP Netweaver, which prompted SAP to ...

Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP NetWeaver Visual Composer. This is according to, among others ...

BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual Composer Metadata Uploader Researchers claim there are 1,200 ...

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in April Fortune 500 companies are apparently at risk SAP has patched a ...

SAP's patchday overview shows that the company's developers consider a vulnerability in SAP Netweaver to be a critical risk. There are also four others with a high threat level. IT managers should ...

SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation ...

A critical vulnerability in SAP NetWeaver Visual Composer has led to confirmed compromises of multiple organizations, and researchers warn that more than 7,500 SAP NetWeaver Application Servers ...

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers.

Security experts have identified a serious security vulnerability in SAP NetWeaver that allows unauthorized access to company systems. The vulnerability became known in April 2025 and specifically ...

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under CVE ...

Security researchers warn that hackers are actively exploiting a critical unrestricted-file-upload vulnerability in SAP NetWeaver Visual Composer. The vulnerability, tracked as CVE-2025-31324 ...