CVE-2026-32167

MEDIUM(6.7)

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Risk Signal Score17/100 — NIEDRIG

CVSS 6.7 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

6.7

Technische Schwere

Beschreibung

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.

Referenzen

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32167