Rebecca Lewis takes a look at a few more vulnerabilities Microsoft has patched in SQL Server:
This week’s Patch Tuesday landed three new SQL Server CVEs. Two are elevation-of-privilege bugs — familiar territory, we had three of those last month. The third one is different. CVE-2026-33120 is a remote code execution flaw in SQL Server 2022. CVSS 8.8. An authenticated, low-privileged login on the network can execute arbitrary code on your SQL Server.
Go. Patch. Now.
Click through for more information and be sure to get these patched.