{"vulnerability": "CVE-2026-44748", "sightings": [{"uuid": "878d41c7-154d-49dc-a03a-9d4778861474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mntaren2hl25", "content": "CVE-2026-44748 - XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform\nCVE ID : CVE-2026-44748\n \n Published : June 9, 2026, 1:16 a.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : SAP NetWeaver Application Server ABAP and ABAP Platform allows an ...", "creation_timestamp": "2026-06-09T03:25:44.977506Z"}, {"uuid": "ff727bb9-8051-462d-8118-1a3659954bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44748", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116717559819877272", "content": "\ud83d\udea8 CRITICAL: CVE-2026-44748 hits SAP NetWeaver AS ABAP & ABAP Platform (SAP_BASIS 702 \u2013 919). Improper cryptographic signature checks may let attackers gain unauthorized access! Patch urgently. https://radar.offseq.com/threat/cve-2026-44748-cwe-347-improper-verification-of-cr-3c43c9f0 #OffSeq #SAP #Vuln #InfoSec", "creation_timestamp": "2026-06-09T01:30:28.035502Z"}, {"uuid": "1f175da8-4f78-41e4-a55a-bec05d5d2023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6lol2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:38.841781Z"}, {"uuid": "2d748815-03b1-48a6-b151-2f412a14ad65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://www.acn.gov.it/portale/w/sap-security-patch-day-17", "content": "", "creation_timestamp": "2026-06-09T01:20:31.000000Z"}, {"uuid": "ac511560-4915-4ebb-80c1-439259599346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnu76qz3un2z", "content": "\ud83d\udd17 CVE : CVE-2025-68161, CVE-2026-22732, CVE-2026-24315, CVE-2026-27671, CVE-2026-29145, CVE-2026-40128, CVE-2026-44743, CVE-2026-44744, CVE-2026-44746, CVE-2026-44748, CVE-2026-44750, CVE-2026-44751, CVE-2026-44754, CVE-2026-44755, CVE-2026-44757", "creation_timestamp": "2026-06-09T12:30:10.021016Z"}, {"uuid": "360e4f17-0b8c-44dc-ac7e-34c62e6253ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6wgd2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:57.052037Z"}, {"uuid": "8a56dea8-e231-4bad-bb67-70b66ef0e1ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6sjd2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:40.146256Z"}, {"uuid": "5aebd20b-ef09-4a9d-bb78-5cab2cb79ff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6til2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:41.482608Z"}, {"uuid": "8e6a078f-0fcd-41e7-b826-9ee2ccfa6b70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6xfl2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:58.410789Z"}, {"uuid": "cafea526-4ca4-4934-9c6e-5bdba5a2bda7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6uht2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:51.824264Z"}, {"uuid": "edaa0fb1-d023-4518-8141-f42ddd2c6169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6xfm2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:59.941845Z"}, {"uuid": "57e25469-b000-4ef2-baec-f2f246c101cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6yeu2y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:53:01.229709Z"}, {"uuid": "1900c68e-a896-49ea-a8b6-4ec47ffc4a59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnuhl5u5352d", "content": "SAP released 15 June 2026 security notes, including 4 critical fixes for NetWeaver, Commerce Cloud, and Data Hub. CVE-2026-44748 in NetWeaver AS ABAP scores 9.9 and impacts XML Signature Wrapping. #SAP #NetWeaver #CommerceCloud", "creation_timestamp": "2026-06-09T15:00:12.345726Z"}, {"uuid": "37fd7344-b067-4c76-86e9-b41a20f810f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnv67dcpyh2j", "content": "SAP's June 2026 patch fixes 15 flaws, including 4 critical issues in NetWeaver and Commerce Cloud. CVE-2026-44748 and CVE-2026-27671 may enable auth bypass, memory corruption, and directory traversal. #SAP #NetWeaver #CommerceCloud", "creation_timestamp": "2026-06-09T21:45:12.155189Z"}, {"uuid": "757681cb-2677-4f16-964c-76ec09f5b6ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44748", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mnuh5n6vh32y", "content": "3/ \u26a0\ufe0f SAP Patch Tuesday: CVE-2026-44748 (CVSS 9.9) \u2014 XML tampering lets attackers hijack enterprise identity across SAP systems. CVE-2026-27671 (CVSS 9.8) \u2014 unauthenticated memory corruption. Patch both NOW.", "creation_timestamp": "2026-06-09T14:52:55.234944Z"}]}