Microsoft Sql Server 2025 Cu 6
Monthly
Type confusion (CWE-843) in Microsoft SQL Server 2025 enables authenticated, low-privileged network attackers to disclose sensitive server-side information. The CVSS vector (AV:N/PR:L/C:H) confirms that any authorized database user - regardless of their data access permissions - can potentially trigger the flaw remotely with no user interaction required. No public exploit code or CISA KEV listing exists at time of analysis, but the high confidentiality impact and low access complexity make patching a meaningful priority for organizations running SQL Server 2025.
Buffer over-read in Microsoft SQL Server 2025 exposes server memory contents to low-privileged authenticated attackers over the network, resulting in high confidentiality impact with no integrity or availability consequences. Both the Cumulative Update 6 (CU 6) and General Distribution Release (GDR) servicing tracks on x64-based systems are confirmed affected per vendor CPE data. No public exploit has been identified and CISA has not listed this in KEV; SSVC assessment corroborates no active exploitation at time of analysis, placing this in a measured but real priority category for environments handling sensitive SQL data.
Privilege elevation in Microsoft SQL Server (2016 SP3 through 2025) allows an authenticated attacker to inject crafted SQL commands over the network and gain higher database privileges (CVSS 8.8). The flaw is a classic improper neutralization of special elements (CWE-89) reachable by any principal already holding low-level database access. No public exploit has been identified at time of analysis, and it is not listed in CISA KEV, though a vendor patch is available.
Local privilege elevation in Microsoft SQL Server (2016 SP3 through 2025) allows an already-authenticated database user to gain higher privileges on the host by controlling a file name or path used by the server engine. The CVSS 3.1 base score is 7.8 with high impact to confidentiality, integrity, and availability, and Microsoft has released a patch. There is no public exploit identified at time of analysis, and the CVE is not in CISA KEV.
Remote code execution in Microsoft SQL Server (2016 SP3 through 2025) allows an authenticated, low-privileged attacker to run arbitrary code on the database server by sending crafted data that the engine deserializes unsafely (CWE-502). Any account able to submit queries or data over the network to a vulnerable instance can achieve full compromise of confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the CVSS 8.8 rating and the RCE-with-low-privilege profile make it a high-priority patch.
Remote code execution in Microsoft SQL Server 2025 (CU6 and the x64 GDR branch) lets an authenticated attacker run arbitrary code across the network by supplying maliciously crafted serialized data that the server deserializes without validation (CWE-502). The flaw was reported by Microsoft, carries a CVSS 3.1 base score of 8.8, and a vendor patch is available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local privilege elevation in Microsoft SQL Server (2016 SP3 through 2025) allows an already-authenticated database user to escalate their privileges by injecting crafted special elements into an SQL command. Microsoft has released a fix and reported the flaw; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation requires existing low-level access, the realistic threat is an insider or a compromised low-privilege account pivoting to higher database privileges.
Type confusion (CWE-843) in Microsoft SQL Server 2025 enables authenticated, low-privileged network attackers to disclose sensitive server-side information. The CVSS vector (AV:N/PR:L/C:H) confirms that any authorized database user - regardless of their data access permissions - can potentially trigger the flaw remotely with no user interaction required. No public exploit code or CISA KEV listing exists at time of analysis, but the high confidentiality impact and low access complexity make patching a meaningful priority for organizations running SQL Server 2025.
Buffer over-read in Microsoft SQL Server 2025 exposes server memory contents to low-privileged authenticated attackers over the network, resulting in high confidentiality impact with no integrity or availability consequences. Both the Cumulative Update 6 (CU 6) and General Distribution Release (GDR) servicing tracks on x64-based systems are confirmed affected per vendor CPE data. No public exploit has been identified and CISA has not listed this in KEV; SSVC assessment corroborates no active exploitation at time of analysis, placing this in a measured but real priority category for environments handling sensitive SQL data.
Privilege elevation in Microsoft SQL Server (2016 SP3 through 2025) allows an authenticated attacker to inject crafted SQL commands over the network and gain higher database privileges (CVSS 8.8). The flaw is a classic improper neutralization of special elements (CWE-89) reachable by any principal already holding low-level database access. No public exploit has been identified at time of analysis, and it is not listed in CISA KEV, though a vendor patch is available.
Local privilege elevation in Microsoft SQL Server (2016 SP3 through 2025) allows an already-authenticated database user to gain higher privileges on the host by controlling a file name or path used by the server engine. The CVSS 3.1 base score is 7.8 with high impact to confidentiality, integrity, and availability, and Microsoft has released a patch. There is no public exploit identified at time of analysis, and the CVE is not in CISA KEV.
Remote code execution in Microsoft SQL Server (2016 SP3 through 2025) allows an authenticated, low-privileged attacker to run arbitrary code on the database server by sending crafted data that the engine deserializes unsafely (CWE-502). Any account able to submit queries or data over the network to a vulnerable instance can achieve full compromise of confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the CVSS 8.8 rating and the RCE-with-low-privilege profile make it a high-priority patch.
Remote code execution in Microsoft SQL Server 2025 (CU6 and the x64 GDR branch) lets an authenticated attacker run arbitrary code across the network by supplying maliciously crafted serialized data that the server deserializes without validation (CWE-502). The flaw was reported by Microsoft, carries a CVSS 3.1 base score of 8.8, and a vendor patch is available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local privilege elevation in Microsoft SQL Server (2016 SP3 through 2025) allows an already-authenticated database user to escalate their privileges by injecting crafted special elements into an SQL command. Microsoft has released a fix and reported the flaw; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation requires existing low-level access, the realistic threat is an insider or a compromised low-privilege account pivoting to higher database privileges.