Home
CRITICAL: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10.0.14393.0 (custom) before 10.0.14393.9339
affected
10.0.17763.0 (custom) before 10.0.17763.9020
affected
10.0.19044.0 (custom) before 10.0.19044.7548
affected
10.0.19045.0 (custom) before 10.0.19045.7548
affected
10.0.22631.0 (custom) before 10.0.22631.7376
affected
10.0.22631.0 (custom) before 10.0.22631.7376
affected
10.0.26100.0 (custom) before 10.0.26100.8875
affected
10.0.26200.0 (custom) before 10.0.26200.8875
affected
10.0.28000.0 (custom) before 10.0.28000.2269
affected
6.2.9200.0 (custom) before 6.2.9200.26132
affected
6.2.9200.0 (custom) before 6.2.9200.26132
affected
6.3.9600.0 (custom) before 6.3.9600.23228
affected
6.3.9600.0 (custom) before 6.3.9600.23228
affected
10.0.14393.0 (custom) before 10.0.14393.9339
affected
10.0.14393.0 (custom) before 10.0.14393.9339
affected
10.0.17763.0 (custom) before 10.0.17763.9020
affected
10.0.17763.0 (custom) before 10.0.17763.9020
affected
10.0.20348.0 (custom) before 10.0.20348.5386
affected
10.0.26100.0 (custom) before 10.0.26100.33158
affected
10.0.26100.0 (custom) before 10.0.26100.33158
affected
Description
Heap-based buffer overflow in SQL Server ODBC driver allows an unauthorized attacker to execute code over a network.
Problem types
CWE-122: Heap-based Buffer Overflow
Product status
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42990 (SQL Server ODBC driver Elevation of Privilege Vulnerability)