Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 14 Jul 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Microsoft microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack
Microsoft microsoft Sql Server 2017 (gdr) Microsoft microsoft Sql Server 2019 (gdr) Microsoft microsoft Sql Server 2022 For X64-based Systems (cu 23) Microsoft microsoft Sql Server 2025 For X64-based Systems (gdr) |
|
| Vendors & Products |
Microsoft microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack
Microsoft microsoft Sql Server 2017 (gdr) Microsoft microsoft Sql Server 2019 (gdr) Microsoft microsoft Sql Server 2022 For X64-based Systems (cu 23) Microsoft microsoft Sql Server 2025 For X64-based Systems (gdr) |
Tue, 14 Jul 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 14 Jul 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally. | |
| Title | Microsoft SQL Server Elevation of Privilege Vulnerability | |
| First Time appeared |
Microsoft
Microsoft sql Server 2016 Microsoft sql Server 2017 Microsoft sql Server 2019 Microsoft sql Server 2022 Microsoft sql Server 2025 |
|
| Weaknesses | CWE-89 | |
| CPEs | cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:* cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:* cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:* cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:* cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:* |
|
| Vendors & Products |
Microsoft
Microsoft sql Server 2016 Microsoft sql Server 2017 Microsoft sql Server 2019 Microsoft sql Server 2022 Microsoft sql Server 2025 |
|
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2026-07-15T19:32:00.817Z
Reserved: 2026-05-18T23:53:33.897Z
Link: CVE-2026-47296
Updated: 2026-07-14T17:44:39.328Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-14T21:00:03Z