Sql server

This hub aggregates every CVE we track for Sql server, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.

Databaseson-premdatabase

193

CVEs tracked

Critical

140

High

In CISA KEV

Severity distribution

HIGH140MEDIUM31CRITICAL19LOW3

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting Sql server.

CVE-2025-59250JDBC Driver for SQL Server Spoofing Vulnerability8.1Oct 14, 2025
CVE-2025-47997Microsoft SQL Server Information Disclosure Vulnerability6.5Sep 9, 2025
CVE-2025-49759Microsoft SQL Server Elevation of Privilege Vulnerability8.8Aug 12, 2025
CVE-2025-24999Microsoft SQL Server Elevation of Privilege Vulnerability8.8Aug 12, 2025
CVE-2025-49718Microsoft SQL Server Information Disclosure Vulnerability7.5Jul 8, 2025
CVE-2025-49719Microsoft SQL Server Information Disclosure Vulnerability7.5Jul 8, 2025
CVE-2024-49021Microsoft SQL Server Remote Code Execution Vulnerability7.8Nov 12, 2024
CVE-2024-48993SQL Server Native Client Remote Code Execution Vulnerability8.8Nov 12, 2024
CVE-2024-49043Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability7.8Nov 12, 2024
CVE-2024-43462SQL Server Native Client Remote Code Execution Vulnerability8.8Nov 12, 2024
CVE-2024-43459SQL Server Native Client Remote Code Execution Vulnerability8.8Nov 12, 2024
CVE-2024-38255SQL Server Native Client Remote Code Execution Vulnerability8.8Nov 12, 2024
CVE-2024-37980Microsoft SQL Server Elevation of Privilege Vulnerability8.8Sep 10, 2024
CVE-2024-37341Microsoft SQL Server Elevation of Privilege Vulnerability8.8Sep 10, 2024
CVE-2024-37965Microsoft SQL Server Elevation of Privilege Vulnerability8.8Sep 10, 2024

Product normalization is registry-driven with AI assist and human review. How it works