Search criteria
14 vulnerabilities found for Microsoft SQL Server 2025 for x64-based Systems (GDR) by Microsoft
CVE-2026-40370 (GCVE-0-2026-40370)
Vulnerability from nvd – Published: 2026-05-12 16:59 – Updated: 2026-05-22 22:04
VLAI
Title
SQL Server Remote Code Execution Vulnerability
Summary
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.
Severity
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6490.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7085.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3530.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2110.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4470.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2170.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1180.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 24) |
Affected:
16.0.0.0 , < 16.0.4252.3
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 4) |
Affected:
17.0.4040.1 , < 17.0.4040.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1115.1
(custom)
|
Date Public
2026-05-12 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40370",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T03:57:25.195979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T10:04:10.932Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6490.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7085.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3530.2",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2110.2",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4470.1",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2170.1",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1180.1",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 24)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4252.3",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft SQL Server 2025 (CU 4)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4040.1",
"status": "affected",
"version": "17.0.4040.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1115.1",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4040.1",
"versionStartIncluding": "17.0.4040.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4252.3",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2110.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2170.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6490.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7085.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3530.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1180.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1115.1",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4470.1",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-05-12T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "External control of file name or path in SQL Server allows an authorized attacker to execute code over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73: External Control of File Name or Path",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T22:04:14.403Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40370"
}
],
"title": "SQL Server Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-40370",
"datePublished": "2026-05-12T16:59:21.097Z",
"dateReserved": "2026-04-11T23:06:15.615Z",
"dateUpdated": "2026-05-22T22:04:14.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32176 (GCVE-0-2026-32176)
Vulnerability from nvd – Published: 2026-04-14 16:58 – Updated: 2026-05-12 17:39
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
Severity
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6485.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7080.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3525.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2105.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4465.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2165.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1175.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 24) |
Affected:
16.0.0.0 , < 16.0.4250.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 3) |
Affected:
17.0.4030.1 , < 17.0.4030.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1110.1
(custom)
|
Date Public
2026-04-14 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-10T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T03:57:06.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6485.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7080.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3525.1",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2105.1",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4465.1",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2165.1",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1175.1",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 24)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4250.1",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 3)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4030.1",
"status": "affected",
"version": "17.0.4030.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1110.1",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4030.1",
"versionStartIncluding": "17.0.4030.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1110.1",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4250.1",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2105.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2165.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6485.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7080.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3525.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1175.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4465.1",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-04-14T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:39:31.347Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32176"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-32176",
"datePublished": "2026-04-14T16:58:32.054Z",
"dateReserved": "2026-03-11T00:26:53.425Z",
"dateUpdated": "2026-05-12T17:39:31.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32167 (GCVE-0-2026-32167)
Vulnerability from nvd – Published: 2026-04-14 16:57 – Updated: 2026-05-12 17:38
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
Severity
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6485.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7080.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3525.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2105.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4465.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2165.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1175.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 24) |
Affected:
16.0.0.0 , < 16.0.4250.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 3) |
Affected:
17.0.4030.1 , < 17.0.4030.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1110.1
(custom)
|
Date Public
2026-04-14 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32167",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-15T03:57:08.611733Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T10:34:13.625Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6485.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7080.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3525.1",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2105.1",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4465.1",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2165.1",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1175.1",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 24)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4250.1",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 3)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4030.1",
"status": "affected",
"version": "17.0.4030.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1110.1",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4030.1",
"versionStartIncluding": "17.0.4030.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4250.1",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2105.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2165.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6485.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7080.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1175.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3525.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1110.1",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4465.1",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-04-14T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:38:27.195Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32167"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-32167",
"datePublished": "2026-04-14T16:57:30.245Z",
"dateReserved": "2026-03-10T23:09:43.266Z",
"dateUpdated": "2026-05-12T17:38:27.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26116 (GCVE-0-2026-26116)
Vulnerability from nvd – Published: 2026-03-10 17:05 – Updated: 2026-04-14 16:36
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
Severity
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2025 (CU 2) |
Affected:
17.0.0.0 , < 17.0.4020.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1105.2
(custom)
|
Date Public
2026-03-10 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26116",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T03:55:57.934Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 2)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4020.2",
"status": "affected",
"version": "17.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1105.2",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1105.2",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4020.2",
"versionStartIncluding": "17.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-03-10T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:36:12.672Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26116"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-26116",
"datePublished": "2026-03-10T17:05:07.935Z",
"dateReserved": "2026-02-11T15:52:13.910Z",
"dateUpdated": "2026-04-14T16:36:12.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26115 (GCVE-0-2026-26115)
Vulnerability from nvd – Published: 2026-03-10 17:05 – Updated: 2026-04-14 16:36
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network.
Severity
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6480.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7075.5
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3520.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2100.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4460.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2160.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1170.5
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 23) |
Affected:
16.0.0.0 , < 16.0.4240.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 2) |
Affected:
17.0.0.0 , < 17.0.4020.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1105.2
(custom)
|
Date Public
2026-03-10 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26115",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T03:55:59.792025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T13:08:16.518Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6480.4",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7075.5",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3520.4",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2100.4",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4460.4",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2160.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1170.5",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 23)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4240.4",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 2)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4020.2",
"status": "affected",
"version": "17.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1105.2",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1105.2",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2100.4",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6480.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3520.4",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1170.5",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4460.4",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4240.4",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4020.2",
"versionStartIncluding": "17.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2160.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7075.5",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-03-10T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:36:11.651Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26115"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-26115",
"datePublished": "2026-03-10T17:05:07.320Z",
"dateReserved": "2026-02-11T15:52:13.910Z",
"dateUpdated": "2026-04-14T16:36:11.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21262 (GCVE-0-2026-21262)
Vulnerability from nvd – Published: 2026-03-10 17:04 – Updated: 2026-04-14 16:35
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.
Severity
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6480.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7075.5
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3520.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2100.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4460.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2160.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1170.5
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 23) |
Affected:
16.0.0.0 , < 16.0.4240.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 2) |
Affected:
17.0.0.0 , < 17.0.4020.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1105.2
(custom)
|
Date Public
2026-03-10 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T03:56:00.384Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6480.4",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7075.5",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3520.4",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2100.4",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4460.4",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2160.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1170.5",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 23)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4240.4",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 2)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4020.2",
"status": "affected",
"version": "17.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1105.2",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2100.4",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2160.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6480.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3520.4",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7075.5",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1170.5",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1105.2",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4460.4",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4240.4",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4020.2",
"versionStartIncluding": "17.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-03-10T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:35:25.676Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21262"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-21262",
"datePublished": "2026-03-10T17:04:32.361Z",
"dateReserved": "2025-12-11T21:02:05.737Z",
"dateUpdated": "2026-04-14T16:35:25.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20803 (GCVE-0-2026-20803)
Vulnerability from nvd – Published: 2026-01-13 17:56 – Updated: 2026-04-01 13:48
VLAI
Title
Microsoft SQL Server Elevation of Privilege Vulnerability
Summary
Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network.
Severity
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1165.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 22) |
Affected:
16.0.0.0 , < 16.0.4230.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1050.2
(custom)
|
Date Public
2026-01-13 16:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T04:56:58.655928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:41.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1165.1",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 22)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4230.2",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1050.2",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1165.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1050.2",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4230.2",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T13:48:15.136Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20803"
}
],
"title": "Microsoft SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-20803",
"datePublished": "2026-01-13T17:56:06.184Z",
"dateReserved": "2025-12-03T05:54:20.370Z",
"dateUpdated": "2026-04-01T13:48:15.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40370 (GCVE-0-2026-40370)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:59 – Updated: 2026-05-22 22:04
VLAI
Title
SQL Server Remote Code Execution Vulnerability
Summary
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.
Severity
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6490.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7085.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3530.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2110.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4470.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2170.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1180.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 24) |
Affected:
16.0.0.0 , < 16.0.4252.3
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 4) |
Affected:
17.0.4040.1 , < 17.0.4040.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1115.1
(custom)
|
Date Public
2026-05-12 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40370",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T03:57:25.195979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T10:04:10.932Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6490.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7085.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3530.2",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2110.2",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4470.1",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2170.1",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1180.1",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 24)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4252.3",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft SQL Server 2025 (CU 4)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4040.1",
"status": "affected",
"version": "17.0.4040.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1115.1",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4040.1",
"versionStartIncluding": "17.0.4040.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4252.3",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2110.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2170.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6490.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7085.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3530.2",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1180.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1115.1",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4470.1",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-05-12T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "External control of file name or path in SQL Server allows an authorized attacker to execute code over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73: External Control of File Name or Path",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T22:04:14.403Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40370"
}
],
"title": "SQL Server Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-40370",
"datePublished": "2026-05-12T16:59:21.097Z",
"dateReserved": "2026-04-11T23:06:15.615Z",
"dateUpdated": "2026-05-22T22:04:14.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32176 (GCVE-0-2026-32176)
Vulnerability from cvelistv5 – Published: 2026-04-14 16:58 – Updated: 2026-05-12 17:39
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
Severity
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6485.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7080.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3525.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2105.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4465.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2165.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1175.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 24) |
Affected:
16.0.0.0 , < 16.0.4250.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 3) |
Affected:
17.0.4030.1 , < 17.0.4030.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1110.1
(custom)
|
Date Public
2026-04-14 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-10T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T03:57:06.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6485.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7080.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3525.1",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2105.1",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4465.1",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2165.1",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1175.1",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 24)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4250.1",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 3)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4030.1",
"status": "affected",
"version": "17.0.4030.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1110.1",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4030.1",
"versionStartIncluding": "17.0.4030.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1110.1",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4250.1",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2105.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2165.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6485.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7080.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3525.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1175.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4465.1",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-04-14T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:39:31.347Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32176"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-32176",
"datePublished": "2026-04-14T16:58:32.054Z",
"dateReserved": "2026-03-11T00:26:53.425Z",
"dateUpdated": "2026-05-12T17:39:31.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32167 (GCVE-0-2026-32167)
Vulnerability from cvelistv5 – Published: 2026-04-14 16:57 – Updated: 2026-05-12 17:38
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
Severity
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6485.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7080.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3525.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2105.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4465.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2165.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1175.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 24) |
Affected:
16.0.0.0 , < 16.0.4250.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 3) |
Affected:
17.0.4030.1 , < 17.0.4030.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1110.1
(custom)
|
Date Public
2026-04-14 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32167",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-15T03:57:08.611733Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T10:34:13.625Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6485.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7080.1",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3525.1",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2105.1",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4465.1",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2165.1",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1175.1",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 24)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4250.1",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 3)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4030.1",
"status": "affected",
"version": "17.0.4030.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1110.1",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4030.1",
"versionStartIncluding": "17.0.4030.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4250.1",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2105.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2165.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6485.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7080.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1175.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3525.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1110.1",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4465.1",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-04-14T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:38:27.195Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32167"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-32167",
"datePublished": "2026-04-14T16:57:30.245Z",
"dateReserved": "2026-03-10T23:09:43.266Z",
"dateUpdated": "2026-05-12T17:38:27.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26116 (GCVE-0-2026-26116)
Vulnerability from cvelistv5 – Published: 2026-03-10 17:05 – Updated: 2026-04-14 16:36
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
Severity
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2025 (CU 2) |
Affected:
17.0.0.0 , < 17.0.4020.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1105.2
(custom)
|
Date Public
2026-03-10 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26116",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T03:55:57.934Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 2)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4020.2",
"status": "affected",
"version": "17.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1105.2",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1105.2",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4020.2",
"versionStartIncluding": "17.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-03-10T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in SQL Server allows an authorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:36:12.672Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26116"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-26116",
"datePublished": "2026-03-10T17:05:07.935Z",
"dateReserved": "2026-02-11T15:52:13.910Z",
"dateUpdated": "2026-04-14T16:36:12.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26115 (GCVE-0-2026-26115)
Vulnerability from cvelistv5 – Published: 2026-03-10 17:05 – Updated: 2026-04-14 16:36
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network.
Severity
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6480.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7075.5
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3520.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2100.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4460.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2160.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1170.5
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 23) |
Affected:
16.0.0.0 , < 16.0.4240.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 2) |
Affected:
17.0.0.0 , < 17.0.4020.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1105.2
(custom)
|
Date Public
2026-03-10 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26115",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T03:55:59.792025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T13:08:16.518Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6480.4",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7075.5",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3520.4",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2100.4",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4460.4",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2160.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1170.5",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 23)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4240.4",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 2)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4020.2",
"status": "affected",
"version": "17.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1105.2",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1105.2",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2100.4",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6480.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3520.4",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1170.5",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4460.4",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4240.4",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4020.2",
"versionStartIncluding": "17.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2160.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7075.5",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-03-10T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:36:11.651Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26115"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-26115",
"datePublished": "2026-03-10T17:05:07.320Z",
"dateReserved": "2026-02-11T15:52:13.910Z",
"dateUpdated": "2026-04-14T16:36:11.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21262 (GCVE-0-2026-21262)
Vulnerability from cvelistv5 – Published: 2026-03-10 17:04 – Updated: 2026-04-14 16:35
VLAI
Title
SQL Server Elevation of Privilege Vulnerability
Summary
Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.
Severity
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) |
Affected:
13.0.0 , < 13.0.6480.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack |
Affected:
13.0.0 , < 13.0.7075.5
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (CU 31) |
Affected:
14.0.0 , < 14.0.3520.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2017 (GDR) |
Affected:
14.0.0 , < 14.0.2100.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (CU 32) |
Affected:
15.0.0.0 , < 15.0.4460.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2019 (GDR) |
Affected:
15.0.0 , < 15.0.2160.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1170.5
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 23) |
Affected:
16.0.0.0 , < 16.0.4240.4
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 (CU 2) |
Affected:
17.0.0.0 , < 17.0.4020.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1105.2
(custom)
|
Date Public
2026-03-10 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T03:56:00.384Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.6480.4",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "13.0.7075.5",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (CU 31)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.3520.4",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2017 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "14.0.2100.4",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (CU 32)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.4460.4",
"status": "affected",
"version": "15.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2019 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.2160.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1170.5",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 23)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4240.4",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 (CU 2)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.4020.2",
"status": "affected",
"version": "17.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1105.2",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.2100.4",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.2160.4",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.6480.4",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*",
"versionEndExcluding": "14.0.3520.4",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*",
"versionEndExcluding": "13.0.7075.5",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1170.5",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1105.2",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "15.0.4460.4",
"versionStartIncluding": "15.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4240.4",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.4020.2",
"versionStartIncluding": "17.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-03-10T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:35:25.676Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21262"
}
],
"title": "SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-21262",
"datePublished": "2026-03-10T17:04:32.361Z",
"dateReserved": "2025-12-11T21:02:05.737Z",
"dateUpdated": "2026-04-14T16:35:25.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20803 (GCVE-0-2026-20803)
Vulnerability from cvelistv5 – Published: 2026-01-13 17:56 – Updated: 2026-04-01 13:48
VLAI
Title
Microsoft SQL Server Elevation of Privilege Vulnerability
Summary
Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network.
Severity
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft SQL Server 2022 (GDR) |
Affected:
16.0.0 , < 16.0.1165.1
(custom)
|
|
| Microsoft | Microsoft SQL Server 2022 for x64-based Systems (CU 22) |
Affected:
16.0.0.0 , < 16.0.4230.2
(custom)
|
|
| Microsoft | Microsoft SQL Server 2025 for x64-based Systems (GDR) |
Affected:
17.0.1050.2 , < 17.0.1050.2
(custom)
|
Date Public
2026-01-13 16:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T04:56:58.655928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:41.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft SQL Server 2022 (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.1165.1",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 22)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.4230.2",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.1050.2",
"status": "affected",
"version": "17.0.1050.2",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.1165.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "17.0.1050.2",
"versionStartIncluding": "17.0.1050.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "16.0.4230.2",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T13:48:15.136Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft SQL Server Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20803"
}
],
"title": "Microsoft SQL Server Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-20803",
"datePublished": "2026-01-13T17:56:06.184Z",
"dateReserved": "2025-12-03T05:54:20.370Z",
"dateUpdated": "2026-04-01T13:48:15.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}