CVE-2026-40370

Analyzed Analyzed - Analysis Complete

BaseFortify

Publication date: 2026-05-12

Last updated on: 2026-06-18

Assigner: Microsoft Corporation

Description

External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-05-12

Last Modified

2026-06-18

Generated

2026-06-30

EPSS Evaluated

2026-06-28

NVD

Affected Vendors & Products

Vendor	Product	Version / Range
microsoft	sql_server_2016	From 13.0.6300.2 (inc) to 13.0.6490.1 (exc)
microsoft	sql_server_2016	From 13.0.7000.253 (inc) to 13.0.7085.1 (exc)
microsoft	sql_server_2017	From 14.0.1000.169 (inc) to 14.0.2110.2 (exc)
microsoft	sql_server_2017	From 14.0.3006.16 (inc) to 14.0.3530.2 (exc)
microsoft	sql_server_2019	From 15.0.2000.5 (inc) to 15.0.2170.1 (exc)
microsoft	sql_server_2019	From 15.0.4003.23 (inc) to 15.0.4470.1 (exc)
microsoft	sql_server_2022	From 16.0.1000.6 (inc) to 16.0.1180.1 (exc)
microsoft	sql_server_2022	From 16.0.4003.1 (inc) to 16.0.4252.3 (exc)
microsoft	sql_server_2025	From 17.0.1000.7 (inc) to 17.0.1115.1 (exc)
microsoft	sql_server_2025	From 17.0.4006.2 (inc) to 17.0.4040.1 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-73	The product allows user input to control or influence paths or file names that are used in filesystem operations.
CWE-610	The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

Attack-Flow Graph

AI Quick Actions have not been generated yet.

Hi! I’m here to help you understand CVE-2026-40370. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

EPSS Chart

Thank you illustration

Thank you for your feedback!

Your input helps us improve and create a better experience for you. We appreciate your time!