VYPR
High severity8.8NVD Advisory· Published May 12, 2026· Updated May 13, 2026

CVE-2026-40370

CVE-2026-40370

Description

External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.

Patches

Vulnerability mechanics

References

1

News mentions

2