CVE-2026-32176

EUVD-2026-22561 MEDIUM

2026-04-14 microsoft

GHSA-vfhv-wjq9-p5qh

SQLi

6.7

CVSS 3.1

Temporal: 5.8

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 14, 2026 - 19:43 vuln.today

DescriptionNVD

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.

AnalysisAI

SQL injection in Microsoft SQL Server 2016-2025 allows authenticated high-privilege attackers to elevate privileges locally via improper neutralization of SQL command elements. Affected versions include SQL Server 2016 SP3, 2017, 2019, 2022, and 2025 across multiple cumulative updates and GDR releases. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-32176 vulnerability details – vuln.today

Back

CVE-2026-32176

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code