SAP Product Security Update Advisory

Mar 11 2026

Overview

SAP has released security updates that address vulnerabilities in its products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2026-27685

SAP NetWeaver Enterprise Portal Administration version: EP-RUNTIME 7.50

CVE-2026-27689

SAP Supply Chain Management versions: SCMAPO 713, 714, S4CORE 102, 103, 104, S4COREOP 105, 106, 107, 108, 109, SCM 700, 701, 702, 712

Resolved Vulnerabilities

Insecure deserialization vulnerability in SAP NetWeaver Enterprise Portal Administration (CVE-2026-27685)
Denial of Service Vulnerability in SAP Supply Chain Management (CVE-2026-27689)

Vulnerability Patches

Vulnerability Patches have been made available with the latest updates. Please follow the instructions on the Referenced Sites to update to the latest version of Vulnerability Patches.

CVE-2026-27685, CVE-2026-27689

Separate security patches available[2][3]

References

[1] SAP Security Patch Day – March 2026
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2026.html
[2] CVE-2026-27685
https://me.sap.com/notes/3714585
[3] CVE-2026-27689
https://me.sap.com/notes/3719502

SAP Product Security Update Advisory

Nginx UI Security Update Advisory (CVE-2026-27944)

Siemens Product Family March 2026 Routine Security Update Advisory

Tags:

Nginx UI Security Update Advisory (CVE-2026-27944)

Siemens Product Family March 2026 Routine Security Update Advisory