CVE-2026-33120

CVE-2026-33120 affects Microsoft SQL Server and is a remote code execution vulnerability. The entry documents a network-based exploit with low attack complexity and low privileges required, resulting in high impact to confidentiality, integrity, and availability. The CVSS v3.1 base score is 8.8 (...

CVE-2026-33120 Microsoft SQL Server Remote Code Execution Vulnerability

...

CVE-2026-33120 Microsoft SQL Server Remote Code Execution Vulnerability

...

CVE-2026-32167

CVE-2026-32167 is a SQL Server Elevation of Privilege vulnerability caused by improper neutralization of input in SQL commands. An authorized local attacker could elevate privileges. Microsoft security updates address this CVE (e.g., KB5084815/KB5084816 for SQL Server 2022/2019 CU releases; relat...

CVE-2026-32167 SQL Server Elevation of Privilege Vulnerability

...

[R3] Tenable Identity Exposure Version 3.77.17 Fixes Multiple Vulnerabilities

R3 Tenable Identity Exposure Version 3.77.17 Fixes Multiple Vulnerabilities Aaron Roy Tue, 04/14/2026 - 10:54 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components .NET Windows Server Hosting, NodeJS, Erlang OTP, S...

KB5084816 - Description of the security update for SQL Server 2019 CU32: April 14, 2026

KB5084816 - Description of the security update for SQL Server 2019 CU32: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information...

KB5083252 - Description of the security update for SQL Server 2022 CU24: April 14, 2026

KB5083252 - Description of the security update for SQL Server 2022 CU24: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information...

KB5084814 - Description of the security update for SQL Server 2025 GDR: April 14, 2026

KB5084814 - Description of the security update for SQL Server 2025 GDR: April 14, 2026 Applies To SQL Server 2025 on Windows all editions, SQL Server 2025 on Linux all editions Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update...

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection...

KB5084819 - Description of the security update for SQL Server 2017 GDR: April 14, 2026

KB5084819 - Description of the security update for SQL Server 2017 GDR: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

KB5083245- Description of the security update for SQL Server 2025 CU3: April 14, 2026

KB5083245- Description of the security update for SQL Server 2025 CU3: April 14, 2026 Applies To SQL Server 2025 on Windows all editions, SQL Server 2025 on Linux all editions Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update H...

KB5084817- Description of the security update for SQL Server 2019 GDR: April 14, 2026

KB5084817- Description of the security update for SQL Server 2019 GDR: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

Microsoft SQL Server Remote Code Execution Vulnerability

Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network...

SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges locally...

KLA90987 Multiple vulnerabilities in Microsoft SQL Server

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft SQL Server can be exploited remotely to...

Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. Microsoft SQL Server has a SQL injection vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following product...

Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. Microsoft SQL Server has a SQL injection vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following product...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. There are security vulnerabilities in Microsoft SQL Server. Attackers can exploit these vulnerabilities to execute code...

VulnCheck KEV: CVE-2026-21262

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network...