Lucene search
K
MicrosoftSql Server 2025

5 matches found

CVE
CVE
added 2026/05/12 4:59 p.m.452 views

CVE-2026-40370

CVE-2026-40370 is a SQL Server Remote Code Execution vulnerability described across multiple sources as external control of a file name or path that can allow an authorized attacker to run code over the network. Connected documents enumerate affected SQL Server components and versions (e.g., SQL ...

8.8CVSS6AI score0.00555EPSS
CVE
CVE
added 2026/03/10 5:5 p.m.120 views

CVE-2026-26115

CVE-2026-26115: Microsoft SQL Server Elevation of Privilege due to improper validation of input. Affects Microsoft SQL Server; vulnerability is exploitable over a network by an authorized attacker with LOW privileges; CVSS v3.1 base score 8.8 (High). Connected sources also reference related bugs ...

8.8CVSS5.8AI score0.01095EPSS
CVE
CVE
added 2026/04/14 4:57 p.m.108 views

CVE-2026-33120

CVE-2026-33120 affects Microsoft SQL Server and is a remote code execution vulnerability. The entry documents a network-based exploit with low attack complexity and low privileges required, resulting in high impact to confidentiality, integrity, and availability. The CVSS v3.1 base score is 8.8 (...

8.8CVSS6AI score0.00706EPSS
CVE
CVE
added 2026/03/10 5:4 p.m.80 views

CVE-2026-21262

CVE-2026-21262 affects Microsoft SQL Server and is a privilege-escalation vulnerability caused by improper access control. An authorized, network-present attacker with low privileges can elevate to sysadmin, potentially reading/changing data, creating accounts, or altering configurations, as desc...

8.8CVSS5.8AI score0.02044EPSS
In wild
CVE
CVE
added 2026/03/10 5:5 p.m.73 views

CVE-2026-26116

CVE-2026-26116 is a SQL Server Elevation of Privilege vulnerability due to improper neutralization of special elements in SQL commands. Affected product: Microsoft SQL Server (SQL Server 2025 GDR) with potential network‑based exploitation and high impact (CVE-2026-26116). The issue is mitigated b...

8.8CVSS5.8AI score0.01191EPSS