CVE-2026-32167

CVE-2026-32167 is a SQL Server Elevation of Privilege vulnerability caused by improper neutralization of input in SQL commands. An authorized local attacker could elevate privileges. Microsoft security updates address this CVE (e.g., KB5084815/KB5084816 for SQL Server 2022/2019 CU releases; relat...

[R3] Tenable Identity Exposure Version 3.77.17 Fixes Multiple Vulnerabilities

R3 Tenable Identity Exposure Version 3.77.17 Fixes Multiple Vulnerabilities Aaron Roy Tue, 04/14/2026 - 10:54 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components .NET Windows Server Hosting, NodeJS, Erlang OTP, S...

KB5084817- Description of the security update for SQL Server 2019 GDR: April 14, 2026

KB5084817- Description of the security update for SQL Server 2019 GDR: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

KB5084819 - Description of the security update for SQL Server 2017 GDR: April 14, 2026

KB5084819 - Description of the security update for SQL Server 2017 GDR: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

KB5084814 - Description of the security update for SQL Server 2025 GDR: April 14, 2026

KB5084814 - Description of the security update for SQL Server 2025 GDR: April 14, 2026 Applies To SQL Server 2025 on Windows all editions, SQL Server 2025 on Linux all editions Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update...

KB5083252 - Description of the security update for SQL Server 2022 CU24: April 14, 2026

KB5083252 - Description of the security update for SQL Server 2022 CU24: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information...

KB5083245- Description of the security update for SQL Server 2025 CU3: April 14, 2026

KB5083245- Description of the security update for SQL Server 2025 CU3: April 14, 2026 Applies To SQL Server 2025 on Windows all editions, SQL Server 2025 on Linux all editions Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update H...

SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges locally...

Microsoft SQL Server Remote Code Execution Vulnerability

Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network...

KB5084816 - Description of the security update for SQL Server 2019 CU32: April 14, 2026

KB5084816 - Description of the security update for SQL Server 2019 CU32: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information...

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection...

Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. Microsoft SQL Server has a SQL injection vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following product...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. There are security vulnerabilities in Microsoft SQL Server. Attackers can exploit these vulnerabilities to execute code...

Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. Microsoft SQL Server has a SQL injection vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following product...

KLA90987 Multiple vulnerabilities in Microsoft SQL Server

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft SQL Server can be exploited remotely to...

VulnCheck KEV: CVE-2026-21262

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network...

EUVD-2025-209294

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and...

CVE-2025-14816

The connected PT-2026-30802 advisory confirms CVE-2025-14816 as a local vulnerability affecting Mitsubishi Electric GENESIS64, ICONICS Suite/MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64 (and related Iconics Digital Solutions variants). The root cause is cleartext storage/display ...

CVE-2025-14816 Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64

Cleartext Storage of Sensitive Information in GUI vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3...

Mitsubishi Electric多款产品 安全漏洞

Mitsubishi Electric GENESIS64 and other products are developed by Mitsubishi Electric Corporation of Japan. Mitsubishi Electric GENESIS64 is a SCADA suite. Mitsubishi Electric ICONICS Suite is a monitoring system for digital factories and intelligent buildings. Mitsubishi Electric MobileHMI is a...