SAP Patchday: One critical SQL injection vulnerability – and 18 others

On the April Patchday, SAP addresses vulnerabilities with 19 security notes. One critical vulnerability allows the injection ...
SecurityWeek

SAP Patches Critical ABAP Vulnerability

SAP has released 19 new security notes on its April 2026 security patch day, including one that resolves a critical-severity ...
SecurityWeek

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors have started exploiting CVE-2026-21643, a critical vulnerability in Fortinet FortiClient EMS leading to remote ...
Bleeping Computer

Sophos fixes SQL injection vulnerability in their Cyberoam OS

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. Sophos purchased firewall and router maker Cyberoam Technologies in 2014 and has ...
Threat Post

Magento Patches Critical SQL Injection and RCE Vulnerabilities

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site. Magento patched 37 vulnerabilities on Thursday, ...
Threat Post

Joomla Update Patches Critical SQL Injection Vulnerability

Joomla released a new version of its CMS Thursday, 3,4,5, that addresses a critical SQL injection vulnerability that could have let attackers gain access to data in the backend of any site running the ...