EUVD-2026-22561

🗓️ 14 Apr 2026 18:30:41Reported by EUVDType

Improper neutralization of special elements in an SQL command on SQL Server enables local privilege escalation.

Reporter	Title	Published	Views	Family All 24
ATTACKERKB	CVE-2026-32176	14 Apr 202616:58	–	attackerkb
Circl	CVE-2026-32176	14 Apr 202612:24	–	circl
CNNVD	Microsoft SQL Server SQL注入漏洞	14 Apr 202600:00	–	cnnvd
CVE	CVE-2026-32176	14 Apr 202616:58	–	cve
Cvelist	CVE-2026-32176 SQL Server Elevation of Privilege Vulnerability	14 Apr 202616:58	–	cvelist
Microsoft KB	KB5083245- Description of the security update for SQL Server 2025 CU3: April 14, 2026	14 Apr 202614:00	–	mskb
Microsoft KB	KB5083252 - Description of the security update for SQL Server 2022 CU24: April 14, 2026	14 Apr 202614:00	–	mskb
Microsoft KB	KB5084814 - Description of the security update for SQL Server 2025 GDR: April 14, 2026	14 Apr 202614:00	–	mskb
Microsoft KB	KB5084815 - Description of the security update for SQL Server 2022 GDR: April 14, 2026	14 Apr 202614:00	–	mskb
Microsoft KB	KB5084816 - Description of the security update for SQL Server 2019 CU32: April 14, 2026	14 Apr 202614:00	–	mskb

[
  {
    "enisaIdVendor": [
      {
        "id": "d7daafcb-159e-3b9f-b64a-958b089e8990",
        "vendor": {
          "name": "Microsoft"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "3b027221-c307-343a-913d-38def2786595",
        "product": {
          "name": "Microsoft SQL Server 2022 for x64-based Systems (CU 24)"
        },
        "product_version": "16.0.0.0 <16.0.4250.1"
      },
      {
        "id": "5d0f18a1-4802-356d-9bcc-d8e2fdc3de79",
        "product": {
          "name": "Microsoft SQL Server 2019 (GDR)"
        },
        "product_version": "15.0.0 <15.0.2165.1"
      },
      {
        "id": "72881af4-11cb-3437-ac3b-08c99b44e2f8",
        "product": {
          "name": "Microsoft SQL Server 2025 (CU 3)"
        },
        "product_version": "17.0.4030.1 <17.0.4030.1"
      },
      {
        "id": "83651085-13f8-3ca9-86b4-b818c832c4e4",
        "product": {
          "name": "Microsoft SQL Server 2022 (GDR)"
        },
        "product_version": "16.0.0 <16.0.1175.1"
      },
      {
        "id": "b6f13eb3-3b1f-3708-8b36-ce97f392144d",
        "product": {
          "name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack"
        },
        "product_version": "13.0.0 <13.0.7080.1"
      },
      {
        "id": "c29e548e-89b3-3de3-b966-85f0cf0f2f3e",
        "product": {
          "name": "Microsoft SQL Server 2019 (CU 32)"
        },
        "product_version": "15.0.0.0 <15.0.4465.1"
      },
      {
        "id": "d4504b08-5cc0-3ad1-87d1-f015be1f445f",
        "product": {
          "name": "Microsoft SQL Server 2017 (GDR)"
        },
        "product_version": "14.0.0 <14.0.2105.1"
      },
      {
        "id": "eed39bfd-f7ad-3651-a81f-b889059ad13d",
        "product": {
          "name": "Microsoft SQL Server 2025 for x64-based Systems (GDR)"
        },
        "product_version": "17.0.1050.2 <17.0.1110.1"
      },
      {
        "id": "f1a14d07-eaf5-36ac-b6e6-45f5f4bbcd0c",
        "product": {
          "name": "Microsoft SQL Server 2017 (CU 31)"
        },
        "product_version": "14.0.0 <14.0.3525.1"
      },
      {
        "id": "f9f14957-db08-3b84-a94e-a4e5bfe185b7",
        "product": {
          "name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)"
        },
        "product_version": "13.0.0 <13.0.6485.1"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32176
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-32176

14 Apr 2026 18:30Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.16.7

EPSS0.00068

SSVC