ctipilot.ch


CVE-2026-44748 — SAP NetWeaver AS ABAP: SAML XML Signature Wrapping (CVSS 9.9) `[SINGLE-SOURCE]`

From CTI Weekly Summary — 2026-W24 (Jun 08 – Jun 14, 2026) · published 2026-06-14

SAP's June Patch Day (9 June) shipped multiple HotNews notes; the most severe affect NetWeaver AS ABAP and the ABAP Platform — the ERP backbone across Swiss federal/cantonal administration and EU public-sector finance. CVE-2026-44748 (CVSS 9.9) is a SAML XML Signature Wrapping flaw, paired with an unauthenticated RFC kernel memory-corruption bug (CVSS 9.8; Onapsis, daily 06-10). Signature-wrapping bugs arise when the element whose signature the verifier checks is not the element from which it reads identity claims: an attacker can present an assertion that passes signature validation while carrying attacker-chosen identity content, which is an authentication bypass against SAML-federated logins. Apply the June HotNews notes; for SAML federation, verify the patched NetWeaver enforces strict assertion-to-signature binding (the signature's reference must resolve to the very assertion whose subject is consumed), and hunt for logons with valid-but-anomalous assertion structure.