Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for Microsoft SQL Server 2022 for x64-based Systems (CU 25) by Microsoft

    CVE-2026-47295 (GCVE-0-2026-47295)

    Vulnerability from nvd – Published: 2026-07-14 17:08 – Updated: 2026-07-15 11:16
    VLAI
    Title
    Microsoft SQL Server Elevation of Privilege Vulnerability
    Summary
    Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    References
    Date Public
    2026-07-14 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-47295",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T03:55:53.003532Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T11:16:30.462Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.6500.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.7095.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (CU 31)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.3540.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.2120.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (CU 32)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.4480.2",
                  "status": "affected",
                  "version": "15.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.2180.2",
                  "status": "affected",
                  "version": "15.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2022 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.1190.2",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 25)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.4262.2",
                  "status": "affected",
                  "version": "16.0.4260.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2025 (CU 6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.4060.2",
                  "status": "affected",
                  "version": "17.0.4060.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.1125.2",
                  "status": "affected",
                  "version": "17.0.1050.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.4262.2",
                      "versionStartIncluding": "16.0.4260.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.4060.2",
                      "versionStartIncluding": "17.0.4060.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.2120.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.2180.2",
                      "versionStartIncluding": "15.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.6500.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.7095.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.3540.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.1190.2",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.1125.2",
                      "versionStartIncluding": "17.0.1050.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.4480.2",
                      "versionStartIncluding": "15.0.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges over a network."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T19:40:06.219Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft SQL Server Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47295"
            }
          ],
          "title": "Microsoft SQL Server Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2026-47295",
        "datePublished": "2026-07-14T17:08:01.082Z",
        "dateReserved": "2026-05-18T23:53:33.897Z",
        "dateUpdated": "2026-07-15T11:16:30.462Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-55002 (GCVE-0-2026-55002)

    Vulnerability from nvd – Published: 2026-07-14 17:05 – Updated: 2026-07-15 03:57
    VLAI
    Title
    Microsoft SQL Server Elevation of Privilege Vulnerability
    Summary
    External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External Control of File Name or Path
    Assigner
    References
    Date Public
    2026-07-14 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55002",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-10T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T03:57:09.134Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.6500.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.7095.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (CU 31)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.3540.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.2120.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (CU 32)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.4480.2",
                  "status": "affected",
                  "version": "15.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.2180.2",
                  "status": "affected",
                  "version": "15.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2022 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.1190.2",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 25)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.4262.2",
                  "status": "affected",
                  "version": "16.0.4260.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2025 (CU 6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.4060.2",
                  "status": "affected",
                  "version": "17.0.4060.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.1125.2",
                  "status": "affected",
                  "version": "17.0.1050.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.2180.2",
                      "versionStartIncluding": "15.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.4480.2",
                      "versionStartIncluding": "15.0.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.4060.2",
                      "versionStartIncluding": "17.0.4060.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.1125.2",
                      "versionStartIncluding": "17.0.1050.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.1190.2",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.4262.2",
                      "versionStartIncluding": "16.0.4260.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.6500.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.7095.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.2120.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.3540.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73: External Control of File Name or Path",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T19:37:13.226Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft SQL Server Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55002"
            }
          ],
          "title": "Microsoft SQL Server Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2026-55002",
        "datePublished": "2026-07-14T17:05:06.049Z",
        "dateReserved": "2026-06-16T14:10:05.869Z",
        "dateUpdated": "2026-07-15T03:57:09.134Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54118 (GCVE-0-2026-54118)

    Vulnerability from nvd – Published: 2026-07-14 17:05 – Updated: 2026-07-15 10:29
    VLAI
    Title
    Microsoft SQL Server Remote Code Execution Vulnerability
    Summary
    Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-502 - Deserialization of Untrusted Data
    Assigner
    References
    Date Public
    2026-07-14 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54118",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:44.039215Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:29:22.407Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.6500.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.7095.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (CU 31)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.3540.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.2120.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (CU 32)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.4480.2",
                  "status": "affected",
                  "version": "15.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.2180.2",
                  "status": "affected",
                  "version": "15.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2022 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.1190.2",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 25)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.4262.2",
                  "status": "affected",
                  "version": "16.0.4260.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2025 (CU 6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.4060.2",
                  "status": "affected",
                  "version": "17.0.4060.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.1125.2",
                  "status": "affected",
                  "version": "17.0.1050.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.7095.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.2180.2",
                      "versionStartIncluding": "15.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.1190.2",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.3540.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.4480.2",
                      "versionStartIncluding": "15.0.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.4262.2",
                      "versionStartIncluding": "16.0.4260.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.1125.2",
                      "versionStartIncluding": "17.0.1050.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.4060.2",
                      "versionStartIncluding": "17.0.4060.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.6500.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.2120.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "CWE-502: Deserialization of Untrusted Data",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T19:37:12.651Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft SQL Server Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54118"
            }
          ],
          "title": "Microsoft SQL Server Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2026-54118",
        "datePublished": "2026-07-14T17:05:05.500Z",
        "dateReserved": "2026-06-11T20:33:37.835Z",
        "dateUpdated": "2026-07-15T10:29:22.407Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-47296 (GCVE-0-2026-47296)

    Vulnerability from nvd – Published: 2026-07-14 17:04 – Updated: 2026-07-14 19:36
    VLAI
    Title
    Microsoft SQL Server Elevation of Privilege Vulnerability
    Summary
    Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    References
    Date Public
    2026-07-14 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-47296",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T17:44:42.492075Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T17:59:33.770Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.6500.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.7095.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (CU 31)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.3540.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.2120.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (CU 32)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.4480.2",
                  "status": "affected",
                  "version": "15.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.2180.2",
                  "status": "affected",
                  "version": "15.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2022 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.1190.2",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 25)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.4262.2",
                  "status": "affected",
                  "version": "16.0.4260.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2025 (CU 6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.4060.2",
                  "status": "affected",
                  "version": "17.0.4060.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.1125.2",
                  "status": "affected",
                  "version": "17.0.1050.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.4262.2",
                      "versionStartIncluding": "16.0.4260.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.4060.2",
                      "versionStartIncluding": "17.0.4060.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.2120.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.2180.2",
                      "versionStartIncluding": "15.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.6500.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.7095.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.3540.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.1190.2",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.1125.2",
                      "versionStartIncluding": "17.0.1050.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.4480.2",
                      "versionStartIncluding": "15.0.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges locally."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T19:36:23.304Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft SQL Server Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47296"
            }
          ],
          "title": "Microsoft SQL Server Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2026-47296",
        "datePublished": "2026-07-14T17:04:15.041Z",
        "dateReserved": "2026-05-18T23:53:33.897Z",
        "dateUpdated": "2026-07-14T19:36:23.304Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-47295 (GCVE-0-2026-47295)

    Vulnerability from cvelistv5 – Published: 2026-07-14 17:08 – Updated: 2026-07-15 11:16
    VLAI
    Title
    Microsoft SQL Server Elevation of Privilege Vulnerability
    Summary
    Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    References
    Date Public
    2026-07-14 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-47295",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T03:55:53.003532Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T11:16:30.462Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.6500.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.7095.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (CU 31)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.3540.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.2120.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (CU 32)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.4480.2",
                  "status": "affected",
                  "version": "15.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.2180.2",
                  "status": "affected",
                  "version": "15.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2022 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.1190.2",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 25)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.4262.2",
                  "status": "affected",
                  "version": "16.0.4260.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2025 (CU 6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.4060.2",
                  "status": "affected",
                  "version": "17.0.4060.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.1125.2",
                  "status": "affected",
                  "version": "17.0.1050.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.4262.2",
                      "versionStartIncluding": "16.0.4260.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.4060.2",
                      "versionStartIncluding": "17.0.4060.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.2120.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.2180.2",
                      "versionStartIncluding": "15.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.6500.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.7095.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.3540.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.1190.2",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.1125.2",
                      "versionStartIncluding": "17.0.1050.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.4480.2",
                      "versionStartIncluding": "15.0.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges over a network."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T19:40:06.219Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft SQL Server Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47295"
            }
          ],
          "title": "Microsoft SQL Server Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2026-47295",
        "datePublished": "2026-07-14T17:08:01.082Z",
        "dateReserved": "2026-05-18T23:53:33.897Z",
        "dateUpdated": "2026-07-15T11:16:30.462Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-55002 (GCVE-0-2026-55002)

    Vulnerability from cvelistv5 – Published: 2026-07-14 17:05 – Updated: 2026-07-15 03:57
    VLAI
    Title
    Microsoft SQL Server Elevation of Privilege Vulnerability
    Summary
    External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External Control of File Name or Path
    Assigner
    References
    Date Public
    2026-07-14 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55002",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-10T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T03:57:09.134Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.6500.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.7095.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (CU 31)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.3540.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.2120.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (CU 32)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.4480.2",
                  "status": "affected",
                  "version": "15.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.2180.2",
                  "status": "affected",
                  "version": "15.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2022 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.1190.2",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 25)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.4262.2",
                  "status": "affected",
                  "version": "16.0.4260.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2025 (CU 6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.4060.2",
                  "status": "affected",
                  "version": "17.0.4060.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.1125.2",
                  "status": "affected",
                  "version": "17.0.1050.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.2180.2",
                      "versionStartIncluding": "15.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.4480.2",
                      "versionStartIncluding": "15.0.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.4060.2",
                      "versionStartIncluding": "17.0.4060.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.1125.2",
                      "versionStartIncluding": "17.0.1050.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.1190.2",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.4262.2",
                      "versionStartIncluding": "16.0.4260.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.6500.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.7095.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.2120.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.3540.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73: External Control of File Name or Path",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T19:37:13.226Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft SQL Server Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55002"
            }
          ],
          "title": "Microsoft SQL Server Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2026-55002",
        "datePublished": "2026-07-14T17:05:06.049Z",
        "dateReserved": "2026-06-16T14:10:05.869Z",
        "dateUpdated": "2026-07-15T03:57:09.134Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54118 (GCVE-0-2026-54118)

    Vulnerability from cvelistv5 – Published: 2026-07-14 17:05 – Updated: 2026-07-15 10:29
    VLAI
    Title
    Microsoft SQL Server Remote Code Execution Vulnerability
    Summary
    Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-502 - Deserialization of Untrusted Data
    Assigner
    References
    Date Public
    2026-07-14 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54118",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:44.039215Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:29:22.407Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.6500.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.7095.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (CU 31)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.3540.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.2120.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (CU 32)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.4480.2",
                  "status": "affected",
                  "version": "15.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.2180.2",
                  "status": "affected",
                  "version": "15.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2022 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.1190.2",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 25)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.4262.2",
                  "status": "affected",
                  "version": "16.0.4260.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2025 (CU 6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.4060.2",
                  "status": "affected",
                  "version": "17.0.4060.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.1125.2",
                  "status": "affected",
                  "version": "17.0.1050.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.7095.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.2180.2",
                      "versionStartIncluding": "15.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.1190.2",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.3540.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.4480.2",
                      "versionStartIncluding": "15.0.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.4262.2",
                      "versionStartIncluding": "16.0.4260.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.1125.2",
                      "versionStartIncluding": "17.0.1050.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.4060.2",
                      "versionStartIncluding": "17.0.4060.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.6500.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.2120.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "CWE-502: Deserialization of Untrusted Data",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T19:37:12.651Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft SQL Server Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54118"
            }
          ],
          "title": "Microsoft SQL Server Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2026-54118",
        "datePublished": "2026-07-14T17:05:05.500Z",
        "dateReserved": "2026-06-11T20:33:37.835Z",
        "dateUpdated": "2026-07-15T10:29:22.407Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-47296 (GCVE-0-2026-47296)

    Vulnerability from cvelistv5 – Published: 2026-07-14 17:04 – Updated: 2026-07-14 19:36
    VLAI
    Title
    Microsoft SQL Server Elevation of Privilege Vulnerability
    Summary
    Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    References
    Date Public
    2026-07-14 14:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-47296",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T17:44:42.492075Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T17:59:33.770Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.6500.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "13.0.7095.1",
                  "status": "affected",
                  "version": "13.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (CU 31)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.3540.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2017 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "14.0.2120.1",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (CU 32)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.4480.2",
                  "status": "affected",
                  "version": "15.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2019 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.2180.2",
                  "status": "affected",
                  "version": "15.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2022 (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.1190.2",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 25)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.4262.2",
                  "status": "affected",
                  "version": "16.0.4260.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft SQL Server 2025 (CU 6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.4060.2",
                  "status": "affected",
                  "version": "17.0.4060.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "17.0.1125.2",
                  "status": "affected",
                  "version": "17.0.1050.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.4262.2",
                      "versionStartIncluding": "16.0.4260.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.4060.2",
                      "versionStartIncluding": "17.0.4060.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.2120.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.2180.2",
                      "versionStartIncluding": "15.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.6500.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
                      "versionEndExcluding": "13.0.7095.1",
                      "versionStartIncluding": "13.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
                      "versionEndExcluding": "14.0.3540.1",
                      "versionStartIncluding": "14.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "16.0.1190.2",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "17.0.1125.2",
                      "versionStartIncluding": "17.0.1050.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "15.0.4480.2",
                      "versionStartIncluding": "15.0.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T14:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges locally."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T19:36:23.304Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft SQL Server Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47296"
            }
          ],
          "title": "Microsoft SQL Server Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2026-47296",
        "datePublished": "2026-07-14T17:04:15.041Z",
        "dateReserved": "2026-05-18T23:53:33.897Z",
        "dateUpdated": "2026-07-14T19:36:23.304Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }