CVE-2025-55227

Publication date

2025-09-09 17:01:32

Family

microsoft

State

PUBLISHED

Description

Improper neutralization of special elements used in a command (command injection) in SQL Server allows an authorized attacker to elevate privileges over a network.