Apr 2026: Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2026-33120 Published on April 14, 2026

Microsoft SQL Server Remote Code Execution Vulnerability
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.

Vendor Advisory NVD

Weakness Type

Untrusted Pointer Dereference

The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.

Products Associated with CVE-2026-33120

Want to know whenever a new CVE is published for Microsoft Sql Server 2022? stack.watch will email you.

Microsoft Sql Server 2022

Affected Versions

Microsoft SQL Server 2022 (GDR):

Version 16.0.0 and below 16.0.1175.1 is affected.

Apr 2026: Microsoft SQL Server Remote Code Execution VulnerabilityCVE-2026-33120 Published on April 14, 2026

Weakness Type

Untrusted Pointer Dereference

Products Associated with CVE-2026-33120

Affected Versions

Apr 2026: Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2026-33120 Published on April 14, 2026