SQL injection Articles

SAP Patches Critical SQL Injection in S/4HANA with CVSS 9.9 Score

January 2026 Security Patch Day addresses 19 vulnerabilities including CVE-2026-0501, a critical SQL injection in S/4HANA's General Ledger that enables full system compromise through arbitrary SQL execution.

January 13, 2026 SAP SQL injection patch

MOVEit Transfer — Cl0p Mass Exploitation Affects 2,700+ Organizations

The Cl0p ransomware group exploited a zero-day vulnerability in Progress Software's MOVEit Transfer, compromising over 2,700 organizations and exposing data of 95+ million individuals in one of the largest mass exploitation events ever.

August 20, 2025 MOVEit Cl0p zero-day