Jul 2026: Monthly Security Bytes

Welcome to our LGA Monthly Security Bytes!

Here, you’ll find bite-sized security developments and practical insights to help you stay ahead of day-to-day security operations.

New SAP and FortiSandbox Vulnerabilities Raise Enterprise Security Risks

Recent vulnerability disclosures affecting SAP and FortiSandbox environments are creating new opportunities for attackers to target critical business systems.

If left unaddressed, these vulnerabilities could allow attackers to bypass security controls, gain unauthorised access, execute malicious commands and compromise critical business applications that support daily operations.

LGA helps organisations strengthen visibility across their IT environment, detect suspicious activity early and respond proactively to emerging threats before they impact business operations.


Key Security Updates

1. SAP Critical Vulnerabilities Expose Enterprise Applications

Critical vulnerabilities affecting SAP NetWeaver and SAP Commerce Cloud highlight the growing threat to enterprise applications, with attackers potentially able to bypass authentication, gain unauthorised access, and compromise critical business systems.

Critical vulnerabilities were identified in the following:

  • SAP NetWeaver AS ABAP and ABAP Platform
  • SAP NetWeaver Application Server Java (Web Container)
  • SAP Commerce Cloud
  • SAP Data Hub


Key vulnerabilities include CVE-2026-44748 (CVSS 9.9), CVE-2026-27671 (CVSS 9.8), CVE-2026-22732 (CVSS 9.1), and CVE-2026-40128 (CVSS 9.0), which could lead to authentication bypass, unauthorised access, directory traversal, and potential system compromise.

2. Fortinet FortiSandbox Vulnerability Enables Remote Command Execution

A critical FortiSandbox vulnerability has raised concerns over potential remote command execution, where attackers could exploit affected systems without valid credentials using specially crafted requests.

Critical vulnerabilities were identified in the following:

  • FortiSandbox 4.2 (all versions)
  • FortiSandbox 4.4.0 to 4.4.8
  • FortiSandbox 5.0.0 to 5.0.5
  • FortiSandbox Cloud 5.0.4 to 5.0.5
  • FortiSandbox PaaS 5.0.4 to 5.0.5


CVE-2026-25089 (CVSS 9.8) is a critical OS command injection vulnerability that could allow unauthenticated attackers to execute arbitrary commands on affected FortiSandbox systems.

Keep Critical Systems Secure with Our 24/7 Security Monitoring

Concerned About Your Exposure to Emerging Vulnerabilities?

Discover how our 24/7 Security Monitoring helps organisations improve visibility, identify suspicious activity, and respond proactively to emerging threats.