1. Critical Unpatched SQL Injection Vulnerability in SAP S/4HANA Exposes Sensitive Enterprise Data to Authenticated Attackers
A critical SQL injection flaw, tracked as CVE-2026-34260 with a CVSS score of 9.6, has been identified in SAP S/4HANA systems running SAP_BASIS versions 751 through 816. The vulnerability allows authenticated attackers to access sensitive data and potentially crash applications. No patch is currently available, leaving...