Описание
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Microsoft SQL Server can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Microsoft SQL Server can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Microsoft SQL Server can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Fabric Data Warehouse can be exploited remotely to execute arbitrary code.
- A spoofing vulnerability in Microsoft PowerBI Report Server can be exploited remotely to spoof user interface.
Первичный источник обнаружения
- CVE-2026-47295
CVE-2026-47296
CVE-2026-50468
CVE-2026-54116
CVE-2026-54117
CVE-2026-54118
CVE-2026-55002
CVE-2026-56642
CVE-2026-58647
Эксплуатация
Связанные продукты
Список CVE
- CVE-2026-47296 critical
- CVE-2026-54117 unknown
- CVE-2026-54118 critical
- CVE-2026-55002 unknown
- CVE-2026-58647 high
- CVE-2026-47295 critical
- CVE-2026-50468 unknown
- CVE-2026-54116 high
- CVE-2026-56642 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!