CRITICAL 1 min read 16 Jul 2026

SAP NetWeaver ABAP Patch Update and 11 New Priority Findings

SAP NetWeaver ABAP leads today's 12-section brief after a patch-released status change, followed by new high-priority Rockwell, Red Hat, Fortinet, Spotfire, Apple, Datadog, GitHub CLI, browser, SharePoint, Microsoft and ShareFile items.

Key findings
01
UPDATED - SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data
CRITICAL
[Medium] Severity: Critical. Identifiers: CVE-2026-44747. Delta: Patch-released status change. SAP NetWeaver Application Server ABAP allows an authenticated attacker to use logical errors in memory management to cause memory corruption.
02
NEW - Critical Vulnerabilities Patched With Fresh Chrome 150, Firefox 152 Updates
MEDIUM
[Medium] Severity: Critical. Identifiers: URL:141E4FEF4277. Delta: New in today's intelligence. This is a source-linked critical browser patch item from the collected sweep.
03
NEW - Rockwell Automation CompactLogix and ControlLogix: multiple vulnerabilities
HIGH
[High] Severity: High. Identifiers: CVE-2025-11698, WID-SEC-2026-2338. Delta: New in today's intelligence. Rockwell Automation 5380, 5480 and 5580 controller boot firmware below version 1.072 has a denial-of-service issue.
04
NEW - CISA warns admins to patch actively exploited SharePoint flaws
MEDIUM
[Medium] Severity: High. Identifiers: URL:51DB287E8607. Delta: New in today's intelligence. This is a source-linked high-priority SharePoint exploitation item from the collected sweep.
05
NEW - July 2026 Patch Tuesday: Microsoft Patches 622 Vulnerabilities Including Two Exploited Zero-Days
MEDIUM
[Medium] Severity: High. Identifiers: URL:4427198CFA93. Delta: New in today's intelligence. This is a source-linked Microsoft Patch Tuesday analysis item from the collected sweep.
06
NEW - Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown
MEDIUM
[Medium] Severity: High. Identifiers: URL:329F5A611E5E. Delta: New in today's intelligence. This is a source-linked ShareFile zero-day item from the collected sweep.
07
NEW - Red Hat Enterprise Linux (python-pillow): multiple vulnerabilities
HIGH
[High] Severity: High. Identifiers: CVE-2020-35653, CVE-2020-35655, CVE-2021-25287, CVE-2021-25288, CVE-2021-25290, CVE-2021-25292, CVE-2021-25293, CVE-2021-27921, WID-SEC-2022-1835. Delta: New in today's intelligence. The RHEL python-pillow advisory covers multiple Pillow CVEs.
08
NEW - Apple macOS Sequoia, Sonoma and Ventura: multiple vulnerabilities
HIGH
[High] Severity: High. Identifiers: CVE-2025-24119, CVE-2025-24188, CVE-2025-24224, CVE-2025-31243, CVE-2025-31273, CVE-2025-31275, CVE-2025-31277, CVE-2025-31278, WID-SEC-2025-1672. Delta: New in today's intelligence.
09
NEW - Datadog dd-trace W3C baggage extraction DoS spans six tracer ecosystems
MEDIUM
[Medium] Severity: High. Identifiers: CVE-2026-50270, CVE-2026-50271, CVE-2026-50272, CVE-2026-50273, CVE-2026-50274, CVE-2026-50276. Delta: New in today's intelligence. GitHub advisories published on 15 July describe remote unauthenticated denial-of-service exposure in Datadog tracing libraries.
10
NEW - Fortinet FortiSandbox: vulnerability allows security-control bypass
HIGH
[High] Severity: High. Identifiers: CVE-2026-59835, WID-SEC-2026-2332. Delta: New in today's intelligence. Fortinet FortiSandbox 5.0.0 through 5.0.2 and 4.4.3 through 4.4.8 may expose VM scanning VNC servers to an unauthenticated attacker through network requests.
11
NEW - Spotfire Server: vulnerability allows security-control bypass
HIGH
[High] Severity: High. Identifiers: CVE-2026-8590, WID-SEC-2026-2319. Delta: New in today's intelligence. The Spotfire Server advisory affects Spotfire Enterprise, Spotfire Enterprise with External Consumers, and Spotfire on Kubernetes server modules.
12
NEW - CVE-2026-59831 GitHub CLI gh codespace jupyter could allow remote code execution when connecting to a malicious Codespace
HIGH
[High] Severity: High. Identifiers: CVE-2026-59831. Delta: New in today's intelligence. GitHub CLI versions 2.10.0 through 2.95.0 can allow command execution when gh codespace jupyter connects to a malicious Codespace.

What changed today

Today's assessment contains 12 owner-action findings.

Recommended actions

Address Critical findings first, followed by High, Medium and Low items according to confirmed exposure and asset ownership.

Finding 01 covers SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data (CVE-2026-44747).

Finding 02 covers Critical Vulnerabilities Patched With Fresh Chrome 150, Firefox 152 Updates.

Finding 03 covers Rockwell Automation CompactLogix and ControlLogix: multiple vulnerabilities (CVE-2025-11698).

Finding 04 covers CISA warns admins to patch actively exploited SharePoint flaws.

Finding 05 covers July 2026 Patch Tuesday: Microsoft Patches 622 Vulnerabilities Including Two Exploited Zero-Days.

Finding 06 covers Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown.

Finding 07 covers Red Hat Enterprise Linux (python-pillow): multiple vulnerabilities (CVE-2020-35653, CVE-2020-35655, CVE-2021-25287, CVE-2021-25288, CVE-2021-25290, CVE-2021-25292, CVE-2021-25293, CVE-2021-27921).

Finding 08 covers Apple macOS Sequoia, Sonoma and Ventura: multiple vulnerabilities (CVE-2025-24119, CVE-2025-24188, CVE-2025-24224, CVE-2025-31243, CVE-2025-31273, CVE-2025-31275, CVE-2025-31277, CVE-2025-31278).

Finding 09 covers Datadog dd-trace W3C baggage extraction DoS spans six tracer ecosystems (CVE-2026-50270, CVE-2026-50271, CVE-2026-50272, CVE-2026-50273, CVE-2026-50274, CVE-2026-50276).

Finding 10 covers Fortinet FortiSandbox: vulnerability allows security-control bypass (CVE-2026-59835).

Finding 11 covers Spotfire Server: vulnerability allows security-control bypass (CVE-2026-8590).

Finding 12 covers the cited vulnerability GitHub CLI gh codespace jupyter could allow remote code execution when connecting to a malicious Codespace (CVE-2026-59831).

cve-2020-35653cve-2025-11698cve-2025-24119cve-2026-44747cve-2026-50270cve-2026-59831cve-2026-59835cve-2026-8590netweaverpatch-management

Act on this brief

Map detection coverage gaps for the techniques above, or generate Sigma rules from the named CVEs.