U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2026-47295

Change History

New CVE Received from Microsoft Corporation 7/14/2026 2:17:17 PM

Action Type Old Value New Value
Added Description

                  
                
              
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
Added CVSS V3.1

                  
                
              
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CWE

                  
                
              
CWE-89
Added Reference

                  
                
              
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47295
Added Affected

                  
                
              
[{"vendor":"Microsoft","product":"Microsoft SQL Server 2016 Service Pack 3 (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"13.0.0","lessThan":"13.0.6500.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack","platforms":["x64-based Systems"],"versions":[{"version":"13.0.0","lessThan":"13.0.7095.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2017 (CU 31)","platforms":["x64-based Systems"],"versions":[{"version":"14.0.0","lessThan":"14.0.3540.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2017 (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"14.0.0","lessThan":"14.0.2120.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2019 (CU 32)","platforms":["x64-based Systems"],"versions":[{"version":"15.0.0.0","lessThan":"15.0.4480.2","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2019 (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"15.0.0","lessThan":"15.0.2180.2","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2022 (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.1190.2","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2022 for x64-based Systems (CU 25)","versions":[{"version":"16.0.4260.1","lessThan":"16.0.4262.2","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2025 (CU 6)","versions":[{"version":"17.0.4060.2","lessThan":"17.0.4060.2","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2025 for x64-based Systems (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"17.0.1050.2","lessThan":"17.0.1125.2","versionType":"custom","status":"affected"}]}]