April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

April's Patch Tuesday addresses critical vulnerabilities across multiple enterprise vendors. The most severe is an SQL injection flaw (CVE-2026-27681, CVSS 9.9) affecting SAP Business Planning and Consolidation and SAP Business Warehouse, enabling arbitrary database execution. Additional critical patches were released for Adobe, Fortinet, and Microsoft products. Organizations using affected SAP solutions face heightened risk of database compromise and potential data exfiltration. Immediate patching is recommended, prioritizing the SAP SQL injection vulnerability given its near-perfect CVSS score. Organizations should also review exposed attack surfaces and implement compensating controls where immediate patching is not feasible.

A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse (CVE-2026-27681, CVSS score: 9.9) that could result in the execution of arbitrary database

April's Patch Tuesday addresses critical vulnerabilities across multiple enterprise vendors. The most severe is an SQL injection flaw (CVE-2026-27681, CVSS 9.9) affecting SAP Business Planning and Consolidation and SAP Business Warehouse, enabling arbitrary database execution. Additional critical patches were released for Adobe, Fortinet, and Microsoft products. Organizations using affected SAP solutions face heightened risk of database compromise and potential data exfiltration. Immediate patching is recommended, prioritizing the SAP SQL injection vulnerability given its near-perfect CVSS score. Organizations should also review exposed attack surfaces and implement compensating controls where immediate patching is not feasible. A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse (CVE-2026-27681, CVSS score: 9.9) that could result in the execution of arbitrary database A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse (CVE-2026-27681, CVSS score: 9.9) that could result in the execution of arbitrary database