CVE-2026-34263
Published 2026-05-12
Priority P263 · critical · CVSS 3.1 base score 9.6
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS: 0.61% (44.7th percentile)
Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application.
Affected (3 ranges; no version bounds or fixed versions recorded in the source data)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap_se | sap_commerce_cloud_configuration | — | — |
| sap_se | sap_commerce_cloud_configuration | — | — |
| sap_se | sap_commerce_cloud_configuration | — | — |
Detection & IOCs (extracted from sources)
- The vulnerability is triggered via malicious configuration upload and code injection through an unauthenticated endpoint — monitor SAP Commerce Cloud for unauthenticated POST requests to configuration upload endpoints, especially from unexpected source IPs.
- Root cause is improper Spring Security configuration — audit Spring Security filter chain configurations in SAP Commerce Cloud deployments for missing or misconfigured authentication requirements on sensitive endpoints.
- No authentication is required to exploit this flaw — alert on server-side code execution events or process spawning originating from the SAP Commerce Cloud application process without a corresponding authenticated session.
- SAP has not reported evidence of in-the-wild exploitation as of the May 2026 patch release, but CISA has historically added SAP flaws to its KEV catalog — treat as high-priority patching.
- The vulnerability is specific to SAP Commerce Cloud (enterprise e-commerce platform); on-premises or differently configured deployments may have different exposure depending on their Spring Security configuration.
VulDB
SAP Commerce Cloud Configuration 2211-JDK21/COM_CLOUD 2211/HY_COM 2205 cleanup (WID-SEC-2026-1466)
vuldb · 2026-05-19 · CVSS 9.6 · CVE-2026-34263 [CRITICAL]
A vulnerability was found in SAP Commerce Cloud Configuration 2211-JDK21/COM_CLOUD 2211/HY_COM 2205. It has been rated as very critical. This vulnerability affects unknown code. The manipulation leads to incomplete cleanup.
This vulnerability is referenced as CVE-2026-34263. Remote exploitation of the attack is possible. No exploit is available.
To fix this issue, it is recommended to deploy a patch.
GHSA
GHSA-wxxf-gjw8-32x8 (CWE-459)
ghsa_unreviewed · 2026-05-12 · CVE-2026-34263 [CRITICAL]
Due to improper Spring Security configuration, SAP Commerce cloud allows an unauthenticated user to perform malicious configuration upload and code injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application.
No detection rules found.
No public exploits indexed.
Hackernews
blogs_hackernews · 2026-05-18 · CVSS 6.1 · CVE-2026-42897 [MEDIUM]
## ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted.
The pattern is clear. One weak dependency can leak keys. One leaked key can open cloud access. One cloud foothold can become a production incident. AI is speeding up vulnerability discovery, attackers are moving quickly, and old exposure still keeps paying off.
Patch the quiet risks first. Let’s g
Hackernews
blogs_hackernews · 2026-05-18 · CVSS 9.8 · CVE-2026-8043 [CRITICAL]
## Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.
Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.
"External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web
Bleepingcomputer
blogs_bleepingcomputer · 2026-05-12 · CVSS 9.6 · CVE-2026-34263 [CRITICAL]
## SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
By Sergiu Gatlan
SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in Commerce Cloud and S/4HANA.
Commerce Cloud is an enterprise-grade e-commerce platform used by online stores owned by large retailers and global brands, while S/4HANA is a cloud-based Enterprise Resource Planning (ERP) suite that will replace the company's on-premises ECC ERP system.
Tracked as CVE-2026-34263, the first critical flaw is a missing authentication check in SAP Commerce Cloud that allows unauthenticated attackers to execute code on vulnerable servers.
"Due to improper Spring Security configuration, SAP Commerce cloud allows an unauthenticated user to perfo
Published: 2026-05-12