SAP releases its June 2026 Security Patch package addressing multiple vulnerabilities across SAP products. Across the covered outlets, the update includes fixes for 15 vulnerabilities in total, with four reported at critical severity affecting SAP NetWeaver and SAP Commerce Cloud. The reported potential impacts include disclosure of sensitive information, memory corruption, and disruption of normal system operation. The fixes are delivered as part of SAP’s regular security maintenance cycle, and SAP’s patching guidance is intended to mitigate the identified risks by updating the affected components to the corrected versions included in the June release. While the outlets differ on the level of detail provided for each individual flaw, they converge on the headline items: the total number of vulnerabilities addressed in the package, the presence of critical issues in NetWeaver and Commerce Cloud, and the categories of harm those vulnerabilities could enable. Organizations using these SAP platforms are expected to apply the relevant patches according to SAP’s instructions to reduce exposure.