VDB

msrc_CVE-2026-40370

msrc_CVE-2026-40370 PUBLISHED CVSS 8.800000190734863 HIGH

Risk Scores

CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

VendorProductVersions
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 14.0.3530.2
Microsoft SQL Server 2022 for x64-based Systems (GDR) <16.0.1180.1
Microsoft SQL Server 2017 for x64-based Systems (CU 31) <14.0.3530.2
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack <13.0.7085.1
Microsoft SQL Server 2017 for x64-based Systems (GDR) 14.0.2110.2
Microsoft SQL Server 2022 for x64-based Systems (GDR) 16.0.1180.1
Microsoft SQL Server 2019 for x64-based Systems (GDR) 15.0.2170.1
Microsoft SQL Server 2025 for x64-based Systems (CU4) <17.0.4040.1
Microsoft SQL Server 2017 for x64-based Systems (GDR) <14.0.2110.2
Microsoft SQL Server 2022 for x64-based Systems (CU 24) 16.0.4252.3
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) <13.0.6490.1
Microsoft SQL Server 2019 for x64-based Systems (CU 32) <15.0.4470.1
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 13.0.6490.1
Microsoft SQL Server 2025 for x64-based Systems (GDR) <17.0.1115.1
Microsoft SQL Server 2025 for x64-based Systems (GDR) 17.0.1115.1
Microsoft SQL Server 2019 for x64-based Systems (CU 32) 15.0.4470.1
Microsoft SQL Server 2025 for x64-based Systems (CU4) 17.0.4040.1
Microsoft SQL Server 2022 for x64-based Systems (CU 24) <16.0.4252.3
Microsoft SQL Server 2019 for x64-based Systems (GDR) <15.0.2170.1
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 13.0.7085.1

Exploit Intelligence

…and 5 more exploits

Timeline

  • May 12, 2026 CVE Published
  • May 13, 2026 Security Advisory
  • May 13, 2026 Security Advisory

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›