Security Advisory

CVE-2026-32167

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-14 16:57:30
Last updated 2026-06-19 16:07:57
Assigner microsoft
State PUBLISHED

Description

Improper neutralization of special elements used in an sql command (sql injection) in SQL Server allows an authorized attacker to elevate privileges locally.