{"id":609,"date":"2026-04-15T14:57:22","date_gmt":"2026-04-15T14:57:22","guid":{"rendered":"https:\/\/thedigitalfortress.us\/?p=609"},"modified":"2026-04-15T14:57:22","modified_gmt":"2026-04-15T14:57:22","slug":"april-patch-tuesday-fixes-critical-flaws-across-sap-adobe-microsoft-fortinet-and-more","status":"publish","type":"post","link":"https:\/\/thedigitalfortress.us\/?p=609","title":{"rendered":"April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More"},"content":{"rendered":"<div>\n<p><span class=\"p-author\"><span class=\"author\">Ravie Lakshmanan<\/span> <span class=\"author\">Apr 15, 2026<\/span><\/span> <span class=\"p-tags\">Vulnerability \/ Data Breach<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<p>A number\u00a0of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April&#8217;s Patch Tuesday\u00a0releases.<\/p>\n<p>Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse\u00a0(<a href=\"https:\/\/support.sap.com\/en\/my-support\/knowledge-base\/security-notes-news\/april-2026.html\">CVE-2026-27681<\/a>, CVSS score: 9.9) that could result in the execution of arbitrary database\u00a0commands.<\/p>\n<p>\u00abThe vulnerable ABAP program allows a low-privileged user to upload a file with arbitrary SQL statements that will then be executed,\u00bb\u00a0Onapsis <a 
href=\"https:\/\/onapsis.com\/blog\/sap-security-notes-april-2026-patch-day\/\">said<\/a> in an\u00a0advisory.<\/p>\n<p>In a potential attack scenario, a bad actor could abuse the affected upload-related functionality to run malicious SQL against BW\/BPC data stores, extract sensitive data, and delete or corrupt database\u00a0content.<\/p>\n<p>\u00abManipulated planning figures, broken reports, or deleted consolidation data can undermine close processes, executive reporting, and operational planning,\u00bb\u00a0Pathlock <a href=\"https:\/\/pathlock.com\/blog\/security-alerts\/sap-patch-day-april-2026-critical-sql-injection-authorization-flaws\/\">said<\/a>. \u00abIn the wrong hands, this issue also creates a credible path to both stealthy data theft and overt business disruption.\u00bb<\/p>\n<p>Another security vulnerability that deserves a mention is a critical-severity remote code execution in Adobe Acrobat Reader\u00a0(CVE-2026-34621, CVSS score: 8.6) that has come under active exploitation in the\u00a0wild.<\/p>\n<p>That said, there are many unknowns at this stage. It\u00a0is not clear how many people have been affected by the hacking campaign. 
Nor\u00a0is there any information about who is behind the activity, who is being targeted, and what their motives could\u00a0be.<\/p>\n<p>Also <a href=\"https:\/\/helpx.adobe.com\/security\/security-bulletin.html\">patched<\/a> by Adobe\u00a0are <a href=\"https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb26-38.html\">five critical flaws in ColdFusion versions 2025 and\u00a02023<\/a> that, if successfully exploited, could lead to\u202farbitrary code execution, application denial-of-service, arbitrary file system read, and security feature\u00a0bypass.<\/p>\n<p>The vulnerabilities are listed below\u00a0&#8211;<\/p>\n<ul>\n<li><strong>CVE-2026-34619<\/strong> (CVSS score: 7.7) &#8211; A path traversal vulnerability leading to security feature bypass<\/li>\n<li><strong>CVE-2026-27304<\/strong> (CVSS score: 9.3) &#8211; An improper input validation vulnerability leading to arbitrary code execution<\/li>\n<li><strong>CVE-2026-27305<\/strong> (CVSS score: 8.6) &#8211; A path traversal vulnerability leading to arbitrary file system read<\/li>\n<li><strong>CVE-2026-27282<\/strong> (CVSS score: 7.5) &#8211; An improper input validation vulnerability leading to security feature bypass<\/li>\n<li><strong>CVE-2026-27306<\/strong> (CVSS score: 8.4) &#8211; An improper input validation vulnerability leading to arbitrary code execution<\/li>\n<\/ul>\n<p>Fixes have\u00a0also been\u00a0released for two critical FortiSandbox vulnerabilities that could result in authentication bypass and code execution\u00a0&#8211;<\/p>\n<ul>\n<li><strong><a href=\"https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-26-112\">CVE-2026-39813<\/a><\/strong> (CVSS score: 9.1) &#8211; A path traversal vulnerability in FortiSandbox JRPC API that could allow an unauthenticated attacker to bypass authentication via specially crafted HTTP requests. 
(Fixed in versions 4.4.9\u00a0and 5.0.6)<\/li>\n<li><strong><a href=\"https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-26-100\">CVE-2026-39808<\/a><\/strong> (CVSS score: 9.1) &#8211; An operating system command injection vulnerability in FortiSandbox that could allow an unauthenticated attacker to execute unauthorized code or commands via crafted HTTP requests. (Fixed in version 4.4.9)<\/li>\n<\/ul>\n<p>The development comes as\u00a0Microsoft addressed a staggering 169 security defects, including a spoofing vulnerability impacting Microsoft SharePoint Server (CVE-2026-32201, CVSS score: 6.5) that could allow an attacker to view sensitive information. The\u00a0company said\u00a0it&#8217;s being actively\u00a0exploited, although there are no insights into the in-the-wild exploitation associated with the\u00a0bug.<\/p>\n<p>\u00abSharePoint services, especially those used as internal document stores, can be a treasure trove for threat actors looking to steal data, especially data\u00a0that may be\u00a0leveraged to force ransom payments using double extortion techniques by threatening to release the stolen data if payment is not made,\u00bb Kev Breen, senior director of threat research at Immersive,\u00a0said.<\/p>\n<p>\u00abA secondary concern is that threat actors with access to SharePoint services could deploy weaponised documents or replace legitimate documents with infected versions that 
would allow them to spread to other hosts or victims moving laterally across the organization.\u00bb<\/p>\n<h2 style=\"text-align: left;\">Software Patches from Other\u00a0Vendors<\/h2>\n<p>In addition to Microsoft, security updates have\u00a0also been\u00a0released by other vendors over the past several weeks to rectify several vulnerabilities, including\u00a0\u2014<\/p>\n<ul>\n<li><a href=\"https:\/\/www.abb.com\/global\/en\/company\/about\/cybersecurity\/alerts-and-notifications\">ABB<\/a><\/li>\n<li><a href=\"https:\/\/aws.amazon.com\/security\/security-bulletins\/\">Amazon Web Services<\/a><\/li>\n<li><a href=\"https:\/\/www.amd.com\/en\/resources\/product-security.html#security\">AMD<\/a><\/li>\n<li><a href=\"https:\/\/support.apple.com\/en-us\/HT201222\">Apple<\/a><\/li>\n<li><a href=\"https:\/\/www.asus.com\/security-advisory\/\">ASUS<\/a><\/li>\n<li><a href=\"https:\/\/www.aveva.com\/en\/support-and-success\/cyber-security-updates\/\">AVEVA<\/a><\/li>\n<li><a href=\"https:\/\/support.broadcom.com\/web\/ecx\/security-advisory\">Broadcom<\/a> (including VMware)<\/li>\n<li><a href=\"https:\/\/psirt.canon\/advisory-information\/#id_2229656\">Canon<\/a><\/li>\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/publicationListing.x\">Cisco<\/a><\/li>\n<li><a href=\"https:\/\/support.citrix.com\/support-home\/topic-article-list?trendingCategory=20&amp;trendingTopicName=Latest%20Security%20Bulletin\">Citrix<\/a><\/li>\n<li><a href=\"https:\/\/www.codesys.com\/ecosystem\/security\/latest-codesys-security-advisories\/\">CODESYS<\/a><\/li>\n<li><a href=\"https:\/\/supportannouncement.us.dlink.com\/\">D-Link<\/a><\/li>\n<li><a href=\"https:\/\/www.3ds.com\/trust-center\/security\/security-advisories\">Dassault Syst\u00e8mes<\/a><\/li>\n<li><a href=\"https:\/\/www.dell.com\/support\/security\/\">Dell<\/a><\/li>\n<li><a href=\"https:\/\/devolutions.net\/security\/advisories\/\">Devolutions<\/a><\/li>\n<li><a 
href=\"https:\/\/www.dormakabagroup.com\/en\/security-advisories\">dormakaba<\/a><\/li>\n<li><a href=\"https:\/\/www.drupal.org\/security\">Drupal<\/a><\/li>\n<li><a href=\"https:\/\/discuss.elastic.co\/c\/announcements\/security-announcements\/31\">Elastic<\/a><\/li>\n<li><a href=\"https:\/\/my.f5.com\/manage\/s\/new-updated-articles#f-f5_document_type=Security%20Advisory&amp;aq=%40f5_original_published_date%20%3E%3D%20now-7d\">F5<\/a><\/li>\n<li><a href=\"https:\/\/www.fortiguard.com\/psirt\">Fortinet<\/a><\/li>\n<li><a href=\"https:\/\/www.foxit.com\/support\/security-bulletins.html\">Foxit Software<\/a><\/li>\n<li><a href=\"https:\/\/www.fujifilm.com\/fbglobal\/eng\/company\/news\/notice\">FUJIFILM<\/a><\/li>\n<li><a href=\"https:\/\/www.gigabyte.com\/us\/Support\/Security\">Gigabyte<\/a><\/li>\n<li><a href=\"https:\/\/docs.gitlab.com\/releases\/18\/patch-release-gitlab-18-10-3-released\/\">GitLab<\/a><\/li>\n<li>Google <a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/2026\/2026-04-01\">Android<\/a> and <a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/pixel\/2026\/2026-04-01\">Pixel<\/a><\/li>\n<li><a href=\"https:\/\/chromereleases.googleblog.com\/\">Google Chrome<\/a><\/li>\n<li><a href=\"https:\/\/cloud.google.com\/support\/bulletins\">Google Cloud<\/a><\/li>\n<li><a href=\"https:\/\/grafana.com\/security\/security-advisories\/\">Grafana<\/a><\/li>\n<li><a href=\"https:\/\/www.hitachienergy.com\/in\/en\/products-and-solutions\/cybersecurity\/alerts-and-notifications\">Hitachi Energy<\/a><\/li>\n<li><a href=\"https:\/\/support.hp.com\/us-en\/security-bulletins\">HP<\/a><\/li>\n<li><a href=\"https:\/\/support.hpe.com\/connect\/s\/securitybulletinlibrary?language=en_US#sort=%40hpescuniversaldate%20descending&amp;layout=table&amp;numberOfResults=25&amp;f:@kmdoclanguagecode=[cv1871440]&amp;hpe=1\">HP Enterprise<\/a> (including Aruba Networking and <a 
href=\"https:\/\/supportportal.juniper.net\/s\/global-search\/%40uri?language=en_US#sort=date%20descending&amp;f:ctype=[Security%20Advisories]\">Juniper Networks<\/a>)<\/li>\n<li><a href=\"https:\/\/www.huawei.com\/en\/psirt\/all-bulletins\">Huawei<\/a><\/li>\n<li><a href=\"https:\/\/www.ibm.com\/support\/pages\/bulletin\/\">IBM<\/a><\/li>\n<li><a href=\"https:\/\/hub.ivanti.com\/s\/searchallcontent?language=en_US#q=CVE&amp;sortCriteria=date%20descending&amp;f-sfkbknowledgearticletypec=Security%20Advisory&amp;f-commonlanguage=English\">Ivanti<\/a><\/li>\n<li><a href=\"https:\/\/www.jenkins.io\/security\/advisories\/\">Jenkins<\/a><\/li>\n<li><a href=\"https:\/\/support.lenovo.com\/us\/en\/product_security\/ps500001-lenovo-product-security-advisories\">Lenovo<\/a><\/li>\n<li>Linux distributions <a href=\"https:\/\/errata.almalinux.org\">AlmaLinux<\/a>, <a href=\"https:\/\/security.alpinelinux.org\">Alpine Linux<\/a>, <a href=\"https:\/\/alas.aws.amazon.com\">Amazon Linux<\/a>, <a href=\"https:\/\/security.archlinux.org\/advisory\">Arch Linux<\/a>, <a href=\"https:\/\/www.debian.org\/security\/#DSAS\">Debian<\/a>, <a href=\"https:\/\/security.gentoo.org\/glsa\">Gentoo<\/a>, <a href=\"https:\/\/linux.oracle.com\/ords\/f?p=105:21::::RP::\">Oracle Linux<\/a>, <a href=\"https:\/\/advisories.mageia.org\">Mageia<\/a>, <a href=\"https:\/\/access.redhat.com\/security\/security-updates\/security-advisories\">Red Hat<\/a>, <a href=\"https:\/\/errata.rockylinux.org\/\">Rocky Linux<\/a>, <a href=\"https:\/\/www.suse.com\/support\/update\/\">SUSE<\/a>, and <a href=\"https:\/\/ubuntu.com\/security\/notices\">Ubuntu<\/a><\/li>\n<li><a href=\"https:\/\/corp.mediatek.com\/product-security-bulletin\/April-2026\">MediaTek<\/a><\/li>\n<li><a href=\"https:\/\/www.mitel.com\/support\/security-advisories\">Mitel<\/a><\/li>\n<li><a href=\"https:\/\/www.mitsubishielectric.com\/en\/psirt\/vulnerability\/index.html\">Mitsubishi Electric<\/a><\/li>\n<li><a 
href=\"https:\/\/www.mongodb.com\/resources\/products\/mongodb-security-bulletins\">MongoDB<\/a><\/li>\n<li><a href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\">Moxa<\/a><\/li>\n<li>Mozilla <a href=\"https:\/\/www.mozilla.org\/en-US\/security\/advisories\/\">Firefox, Firefox ESR, and Thunderbird<\/a><\/li>\n<li><a href=\"https:\/\/www.netgear.com\/about\/security\/\">NETGEAR<\/a><\/li>\n<li><a href=\"https:\/\/nodejs.org\/en\/blog\/vulnerability\/march-2026-security-releases\">Node.js<\/a><\/li>\n<li><a href=\"https:\/\/www.nvidia.com\/en-us\/security\/\">NVIDIA<\/a><\/li>\n<li><a href=\"https:\/\/owncloud.com\/security\/\">ownCloud<\/a><\/li>\n<li><a href=\"https:\/\/security.paloaltonetworks.com\/\">Palo Alto Networks<\/a><\/li>\n<li><a href=\"https:\/\/www.phoenixcontact.com\/en-pc\/service-and-support\/psirt\">Phoenix Contact<\/a><\/li>\n<li><a href=\"https:\/\/community.progress.com\/s\/global-search\/%40uri#t=KnowledgeBase&amp;sort=date%20descending&amp;numberOfResults=100&amp;f:@sfdcareaofinterest=[Defects]&amp;f:@sfarticletypec=[Product_Alert,Critical_Alert]\">Progress Software<\/a><\/li>\n<li><a href=\"https:\/\/www.qnap.com\/en\/security-advisories\">QNAP<\/a><\/li>\n<li><a href=\"https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/\">Qualcomm<\/a><\/li>\n<li><a href=\"https:\/\/www.rockwellautomation.com\/en-us\/company\/about-us\/sustainability\/trust-security\/security-advisories.html?sort=pubAsc\">Rockwell Automation<\/a><\/li>\n<li><a href=\"https:\/\/support.ruckuswireless.com\/security\">Ruckus Wireless<\/a><\/li>\n<li><a href=\"https:\/\/security.samsungmobile.com\/securityUpdate.smsb\">Samsung<\/a><\/li>\n<li><a href=\"https:\/\/www.se.com\/ww\/en\/work\/support\/cybersecurity\/security-notifications.jsp\">Schneider Electric<\/a><\/li>\n<li><a href=\"https:\/\/new.siemens.com\/global\/en\/products\/services\/cert.html#SecurityPublications\">Siemens<\/a><\/li>\n<li><a 
href=\"https:\/\/www.sonicwall.com\/search\/#t=Support&amp;sort=date%20descending&amp;f:sourceTypeFacetId=[Notices]&amp;f:@language=[English]\">SonicWall<\/a><\/li>\n<li><a href=\"https:\/\/advisory.splunk.com\/\">Splunk<\/a><\/li>\n<li><a href=\"https:\/\/spring.io\/security\">Spring Framework<\/a><\/li>\n<li><a href=\"https:\/\/www.supermicro.com\/en\/support\/security_center#!advisories\">Supermicro<\/a><\/li>\n<li><a href=\"https:\/\/www.synology.com\/en-in\/security\/advisory\">Synology<\/a><\/li>\n<li><a href=\"https:\/\/www.tp-link.com\/us\/press\/security-advisory\/\">TP-Link<\/a><\/li>\n<li><a href=\"https:\/\/www.watchguard.com\/wgrd-psirt\/advisories\">WatchGuard<\/a>, and<\/li>\n<li><a href=\"https:\/\/trust.mi.com\/zh-CN\/misrc\/bulletins?tab=advisory\">Xiaomi<\/a><\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\ue804Ravie Lakshmanan\ue802Apr 15, 2026Vulnerability \/ Data Breach A number\u00a0of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April&#8217;s Patch Tuesday\u00a0releases. 
Topping the list&hellip;<\/p>\n","protected":false},"author":1,"featured_media":610,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1135,812,58,655,11,1075,147,348,1231,349],"class_list":["post-609","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-adobe","tag-april","tag-critical","tag-fixes","tag-flaws","tag-fortinet","tag-microsoft","tag-patch","tag-sap","tag-tuesday"],"_links":{"self":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/posts\/609","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=609"}],"version-history":[{"count":0,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/posts\/609\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/media\/610"}],"wp:attachment":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=609"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=609"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=609"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}