Sql Server 2025 Security Vulnerabilities and Issues — Sql Server 2025 CVE List

MicrosoftSql Server 2025

7 matches found

CVE•added 2026/04/14 4:57 p.m.•82 views

CVE-2026-32167

CVE-2026-32167 is a SQL Server Elevation of Privilege vulnerability caused by improper neutralization of input in SQL commands. An authorized local attacker could elevate privileges. Microsoft security updates address this CVE (e.g., KB5084815/KB5084816 for SQL Server 2022/2019 CU releases; relat...

7.8CVSS5.8AI score0.00068EPSS

CVE•added 2026/01/13 5:56 p.m.•54 views

CVE-2026-20803

CVE-2026-20803 is a Microsoft SQL Server elevation of privilege vulnerability. The issue allows an authenticated attacker to gain elevated privileges on the SQL Server instance over a network, due to missing authentication for a critical function. Connected advisories confirm exploitation risk an...

7.2CVSS7.3AI score0.00061EPSS

CVE•added 2026/04/14 4:57 p.m.•54 views

CVE-2026-33120

CVE-2026-33120 affects Microsoft SQL Server and is a remote code execution vulnerability. The entry documents a network-based exploit with low attack complexity and low privileges required, resulting in high impact to confidentiality, integrity, and availability. The CVSS v3.1 base score is 8.8 (...

8.8CVSS6AI score0.00089EPSS

CVE•added 2026/03/10 5:4 p.m.•42 views

CVE-2026-21262

Technical details about CVE-2026-21262 are not provided in the initial document or connected sources. Monitor for updates; no information on affected products, root cause, or remediation is available here.

8.8CVSS5.8AI score0.00087EPSS

In wild

CVE•added 2026/03/10 5:5 p.m.•39 views

CVE-2026-26115

CVE-2026-26115: Microsoft SQL Server Elevation of Privilege due to improper validation of input. Affects Microsoft SQL Server; vulnerability is exploitable over a network by an authorized attacker with LOW privileges; CVSS v3.1 base score 8.8 (High). Connected sources also reference related bugs ...

8.8CVSS5.8AI score0.00139EPSS

CVE•added 2026/03/10 5:5 p.m.•35 views

CVE-2026-26116

CVE-2026-26116 is a SQL Server Elevation of Privilege vulnerability due to improper neutralization of special elements in SQL commands. Affected product: Microsoft SQL Server (SQL Server 2025 GDR) with potential network‑based exploitation and high impact (CVE-2026-26116). The issue is mitigated b...

8.8CVSS5.8AI score0.00062EPSS

CVE•added 2026/04/14 4:58 p.m.•32 views

CVE-2026-32176

CVE-2026-32176 arises from improper neutralization of input in SQL Server, enabling an authorized local user to elevate privileges. Connected sources confirm this is one of multiple SQL Server elevation-of-privilege issues addressed in the Microsoft April 2026 security updates (e.g., KB5084815 fo...

7.8CVSS5.8AI score0.00068EPSS