{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-26115", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-02-11T15:52:13.910Z", "datePublished": "2026-03-10T17:05:07.320Z", "dateUpdated": "2026-04-14T16:36:11.651Z"}, "containers": {"cna": {"title": "SQL Server Elevation of Privilege Vulnerability", "datePublic": "2026-03-10T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*", "versionStartIncluding": "17.0.1050.2", "versionEndExcluding": "17.0.1105.2"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*", "versionStartIncluding": "14.0.0", "versionEndExcluding": "14.0.2100.4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*", "versionStartIncluding": "13.0.0", "versionEndExcluding": "13.0.6480.4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*", "versionStartIncluding": "14.0.0", "versionEndExcluding": "14.0.3520.4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "versionStartIncluding": "16.0.0", "versionEndExcluding": "16.0.1170.5"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "versionStartIncluding": "15.0.0.0", "versionEndExcluding": "15.0.4460.4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "versionStartIncluding": "16.0.0.0", "versionEndExcluding": "16.0.4240.4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*", "versionStartIncluding": "17.0.0.0", "versionEndExcluding": "17.0.4020.2"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.0.2160.4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*", "versionStartIncluding": "13.0.0", "versionEndExcluding": "13.0.7075.5"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "13.0.0", "lessThan": "13.0.6480.4", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", "platforms": ["x64-based Systems"], "versions": [{"version": "13.0.0", "lessThan": "13.0.7075.5", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2017 (CU 31)", "platforms": ["x64-based Systems"], "versions": [{"version": "14.0.0", "lessThan": "14.0.3520.4", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2017 (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "14.0.0", "lessThan": "14.0.2100.4", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2019 (CU 32)", "platforms": ["x64-based Systems"], "versions": [{"version": "15.0.0.0", "lessThan": "15.0.4460.4", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2019 (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "15.0.0", "lessThan": "15.0.2160.4", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "16.0.0", "lessThan": "16.0.1170.5", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 23)", "platforms": ["x64-based Systems"], "versions": [{"version": "16.0.0.0", "lessThan": "16.0.4240.4", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2025 (CU 2)", "platforms": ["x64-based Systems"], "versions": [{"version": "17.0.0.0", "lessThan": "17.0.4020.2", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "17.0.1050.2", "lessThan": "17.0.1105.2", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-1287: Improper Validation of Specified Type of Input", "lang": "en-US", "type": "CWE", "cweId": "CWE-1287"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-14T16:36:11.651Z"}, "references": [{"name": "SQL Server Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26115"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26115", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-11T03:55:59.792025Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T13:08:16.518Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26115", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-11T03:55:59.792025Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T13:02:11.764Z"}}], "cna": {"title": "SQL Server Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", "versions": [{"status": "affected", "version": "13.0.0", "lessThan": "13.0.6480.4", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", "versions": [{"status": "affected", "version": "13.0.0", "lessThan": "13.0.7075.5", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2017 (CU 31)", "versions": [{"status": "affected", "version": "14.0.0", "lessThan": "14.0.3520.4", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2017 (GDR)", "versions": [{"status": "affected", "version": "14.0.0", "lessThan": "14.0.2100.4", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2019 (CU 32)", "versions": [{"status": "affected", "version": "15.0.0.0", "lessThan": "15.0.4460.4", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2019 (GDR)", "versions": [{"status": "affected", "version": "15.0.0", "lessThan": "15.0.2160.4", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 (GDR)", "versions": [{"status": "affected", "version": "16.0.0", "lessThan": "16.0.1170.5", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 for x64-based Systems (CU 23)", "versions": [{"status": "affected", "version": "16.0.0.0", "lessThan": "16.0.4240.4", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2025 (CU 2)", "versions": [{"status": "affected", "version": "17.0.0.0", "lessThan": "17.0.4020.2", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)", "versions": [{"status": "affected", "version": "17.0.1050.2", "lessThan": "17.0.1105.2", "versionType": "custom"}], "platforms": ["x64-based Systems"]}], "datePublic": "2026-03-10T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26115", "name": "SQL Server Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-1287", "description": "CWE-1287: Improper Validation of Specified Type of Input"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "17.0.1105.2", "versionStartIncluding": "17.0.1050.2"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "14.0.2100.4", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "13.0.6480.4", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "14.0.3520.4", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "16.0.1170.5", "versionStartIncluding": "16.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "15.0.4460.4", "versionStartIncluding": "15.0.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "16.0.4240.4", "versionStartIncluding": "16.0.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "17.0.4020.2", "versionStartIncluding": "17.0.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "15.0.2160.4", "versionStartIncluding": "15.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "13.0.7075.5", "versionStartIncluding": "13.0.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-14T16:36:11.651Z"}}}, "cveMetadata": {"cveId": "CVE-2026-26115", "state": "PUBLISHED", "dateUpdated": "2026-04-14T16:36:11.651Z", "dateReserved": "2026-02-11T15:52:13.910Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-03-10T17:05:07.320Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*", "matchCriteriaId": "0512F204-5C6C-416C-BAE9-37A46C517A5B", "versionEndExcluding": "13.0.6480.4", "versionStartIncluding": "13.0.6300.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*", "matchCriteriaId": "FF21E018-C759-44FA-B1BF-1A97054606E7", "versionEndExcluding": "13.0.7075.5", "versionStartIncluding": "13.0.7000.253", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*", "matchCriteriaId": "36B7482B-D75C-4EFD-AD60-251BAD0A9FE4", "versionEndExcluding": "14.0.2100.4", "versionStartIncluding": "14.0.1000.169", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*", "matchCriteriaId": "AAE03DE1-E3F6-4450-9B06-695C0BEC4517", "versionEndExcluding": "14.0.3520.4", "versionStartIncluding": "14.0.3006.16", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "matchCriteriaId": "EB3E749F-531E-4516-A23E-C62FB6564CE3", "versionEndExcluding": "15.0.2160.4", "versionStartIncluding": "15.0.2000.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "matchCriteriaId": "52924A9F-292A-4A73-9A9C-6A59763AD615", "versionEndExcluding": "15.0.4460.4", "versionStartIncluding": "15.0.4003.23", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "matchCriteriaId": "930A8DB4-E8DF-4C8B-8D7C-43DDB705D5E6", "versionEndExcluding": "16.0.1170.5", "versionStartIncluding": "16.0.1000.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "matchCriteriaId": "DA833891-A29B-46C0-8945-693E70C0AA57", "versionEndExcluding": "16.0.4240.4", "versionStartIncluding": "16.0.4003.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*", "matchCriteriaId": "F84213DD-60E8-49FB-8DA5-BCBFE69059C2", "versionEndExcluding": "17.0.1050.2", "versionStartIncluding": "17.0.1000.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*", "matchCriteriaId": "EE7E80DA-728A-4BA2-9D72-71577FE83723", "versionEndExcluding": "17.0.4020.2", "versionStartIncluding": "17.0.4006.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network."}, {"lang": "es", "value": "Validaci\u00f3n incorrecta del tipo de entrada especificado en SQL Server permite a un atacante autorizado elevar privilegios a trav\u00e9s de una red."}], "id": "CVE-2026-26115", "lastModified": "2026-03-13T20:21:13.257", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Secondary"}]}, "published": "2026-03-10T18:18:40.590", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26115"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1287"}], "source": "secure@microsoft.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[13.0.0,13.0.6480.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2016_service_pack_3_(gdr)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[13.0.0,13.0.7075.5)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2016_service_pack_3_azure_connect_feature_pack", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[14.0.0,14.0.3520.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2017 (CU 31)", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2017_(cu_31)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[14.0.0,14.0.2100.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2017 (GDR)", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2017_(gdr)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[15.0.0.0,15.0.4460.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2019 (CU 32)", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2019_(cu_32)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[15.0.0,16.0.1170.5)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2019 (GDR)", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2019_(gdr)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[16.0.0,16.0.1170.5)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2022 (GDR)", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2022_(gdr)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[16.0.0.0,16.0.4240.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2022 for x64-based Systems (CU 23)", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2022_for_x64-based_systems_(cu_23)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[17.0.0.0,17.0.4020.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2025 (CU 2)", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2025_(cu_2)", "vendor": "microsoft"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[17.0.1050.2,17.0.1105.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)", "source": "cna", "vendor": "Microsoft"}, "product": "microsoft_sql_server_2025_for_x64-based_systems_(gdr)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[13.0.0,13.0.6480.4)"}}, {"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[13.0.0,13.0.7075.5)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "sql_server_2016", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[14.0.0,14.0.3520.4)"}}, {"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[14.0.0,14.0.2100.4)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "sql_server_2017", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[15.0.0.0,15.0.4460.4)"}}, {"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[15.0.0,16.0.1170.5)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "sql_server_2019", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[16.0.0,16.0.1170.5)"}}, {"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[16.0.0.0,16.0.4240.4)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "sql_server_2022", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[17.0.0.0,17.0.4020.2)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[17.0.1050.2,17.0.1105.2)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "sql_server_2025", "vendor": "microsoft"}], "analysis": {"en": {"generated_at": "2026-03-16T23:19:46.079825+00:00", "value": {"mitigation_remediation": ["Apply the latest patch or cumulative update for your SQL Server version from the Microsoft Update Center or the update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26115", "Verify that the update has been installed by checking the server version or release notes", "If a patch is not yet available, restrict network access to the SQL Server instance and monitor Microsoft security bulletins for an update"], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Affected systems include Microsoft SQL Server 2016 Service Pack 3 (GDR and Azure Connect Feature Pack), Microsoft SQL Server 2017 (CU 31 and GDR), Microsoft SQL Server 2019 (CU 32 and GDR), Microsoft SQL Server 2022 (GDR and CU 23 for x64\u2011based systems), and Microsoft SQL Server 2025 (CU 2 and GDR for x64\u2011based systems). Specific version details are not provided in the CNA affected version list, but the product names and service pack levels listed above are the affected configurations. The Common Platform Enumeration strings confirm coverage across multiple SQL Server releases on x64 platforms.", "description_and_impact": "The vulnerability is caused by improper validation of a specific type of input in Microsoft SQL Server. As a result, an attacker who already has authorized access to a network can elevate their privileges to a higher level. This represents a classic privilege\u2011escalation flaw where the attacker could potentially gain administrative rights or perform actions beyond their intended scope. The weakness is identified as CWE\u20111287, which describes an authorization bypass through user-controlled keys or validation errors.", "risk_and_exploitability": "The CVSS score of 8.8 labels this a high\u2011severity vulnerability, indicating a significant impact if successfully exploited. The EPSS score of less than 1% suggests that exploitation is currently improbable, and the vulnerability is not catalogued in the CISA KEV repository. Attackers would need existing authorized network access to the SQL Server instance and would exploit the faulty input validation to raise their privileges. Because the attack vector requires local or network-level credentials, the exploitation conditions are relatively constrained compared to remote code execution flaws."}}}}, "created": "2026-03-11T11:45:42.305769+00:00", "updated": "2026-03-20T14:34:18.616518+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$microsoft_sql_server_2016_service_pack_3_(gdr)", "microsoft$PRODUCT$microsoft_sql_server_2016_service_pack_3_azure_connect_feature_pack", "microsoft$PRODUCT$microsoft_sql_server_2017_(cu_31)", "microsoft$PRODUCT$microsoft_sql_server_2017_(gdr)", "microsoft$PRODUCT$microsoft_sql_server_2019_(cu_32)", "microsoft$PRODUCT$microsoft_sql_server_2019_(gdr)", "microsoft$PRODUCT$microsoft_sql_server_2022_(gdr)", "microsoft$PRODUCT$microsoft_sql_server_2022_for_x64-based_systems_(cu_23)", "microsoft$PRODUCT$microsoft_sql_server_2025_(cu_2)", "microsoft$PRODUCT$microsoft_sql_server_2025_for_x64-based_systems_(gdr)", "microsoft$PRODUCT$sql_server_2016", "microsoft$PRODUCT$sql_server_2017", "microsoft$PRODUCT$sql_server_2019", "microsoft$PRODUCT$sql_server_2022", "microsoft$PRODUCT$sql_server_2025"]}