CVE-2026-54118 exposes supported Microsoft SQL Server installations to remote code execution through unsafe deserialization, with Microsoft assigning the vulnerability a CVSS 3.1 score of 8.8. The important operational detail is that the attack can cross a network and is considered straightforward to reproduce, but it is not an unauthenticated Internet takeover: Microsoft’s description says the attacker must already be authorized.
Published through the Microsoft Security Response Center on July 14, 2026, the flaw affects update branches spanning SQL Server 2016 through SQL Server 2025. Administrators should treat network-reachable database servers as the priority and deploy the applicable July 2026 SQL Server security update after the usual availability and application testing.
The CVSS designation Attack Vector: Network, written as AV:N, means the vulnerable SQL Server component can be reached through a network connection. An attacker does not need physical access to the database host, an interactive Windows logon, or the ability to execute a malicious program locally before attempting exploitation.
That network could be the public Internet, but AV:N does not automatically mean every affected SQL Server is Internet-exploitable. The attacker still needs a route to the SQL Server service, whether that route exists through direct public exposure, an internal network, a VPN, a compromised workstation, a cloud virtual network, or another system with access to the database tier.
This distinction matters because many production SQL Server instances are not publicly exposed but remain reachable from large portions of a corporate network. In a ransomware or intrusion scenario, an attacker who has compromised one endpoint may be able to probe database servers that were considered protected simply because they sat behind the perimeter firewall.
Network segmentation therefore remains relevant even after patching begins. SQL Server traffic should be restricted to application servers, management systems, and explicitly approved clients rather than accepted from entire user VLANs or broad cloud address ranges.
Internet-facing SQL Server endpoints deserve immediate review. Administrators should check public IP assignments, Azure and third-party cloud firewall rules, NAT configurations, SQL Server Browser exposure, and inbound access to static or dynamically assigned database ports.
That makes CVE-2026-54118 more concerning than a vulnerability rated Attack Complexity: High. High-complexity flaws may require a race condition, heap grooming, interception of another connection, or a precise configuration. Microsoft’s AC:L assessment indicates that those kinds of exceptional conditions are not necessary here.
The underlying weakness is categorized as CWE-502, deserialization of untrusted data. Deserialization flaws occur when software reconstructs an object or data structure from attacker-influenced input without enforcing sufficient validation. In dangerous cases, crafted serialized content can cause the application to instantiate unexpected objects or enter a code path that leads to arbitrary code execution.
Microsoft’s public description remains concise and does not provide the payload format, affected SQL Server feature, or a detailed exploitation sequence. That restraint limits immediate defensive signature development, but it also avoids handing attackers a ready-made technical blueprint while organizations deploy the updates.
Crucially, AC:L says nothing about authentication. The complete CVSS vector reportedly includes Privileges Required: Low, or PR:L, which aligns with Microsoft’s description of an “authorized attacker.” The attacker needs some level of permitted access before attempting to trigger the deserialization flaw.
That prerequisite lowers the risk compared with a pre-authentication RCE carrying PR:N, but it does not make the issue routine. Database credentials can be stolen from application configuration files, deployment pipelines, developer workstations, connection strings, service accounts, or previously compromised servers. An attacker may also begin with a minimally privileged SQL login and use CVE-2026-54118 to cross the boundary from database access to code execution.
Published fixed-build thresholds include:
SQL Server patching is more involved than applying a normal Windows cumulative update. Database teams need to inventory standalone servers, failover cluster instances, Always On availability-group replicas, development systems, reporting servers, and disaster-recovery nodes. Passive replicas and servers that are rarely started can otherwise remain vulnerable long after primary production instances have been updated.
Updating only the Windows operating system is not sufficient unless the applicable SQL Server security package is also delivered and installed through the organization’s selected servicing mechanism. Administrators should verify the resulting SQL Server engine version directly instead of relying solely on a deployment tool’s success status.
Internal databases still warrant prompt action. The combination of AV:N and AC:L makes the flaw potentially useful after an attacker obtains credentials or an initial foothold. In that setting, CVE-2026-54118 could become part of a lateral-movement chain rather than the first step into the organization.
While updates are tested, administrators can reduce exposure by narrowing firewall rules, reviewing SQL logins, disabling unused accounts, rotating credentials that may have leaked into configuration repositories, and monitoring for unusual connections from workstations or application servers. Removing direct Internet access is an especially important interim measure, but it does not replace the security update.
Microsoft’s initial disclosure does not, by itself, establish that exploitation has been observed in the wild or that public proof-of-concept code is available. Those conditions can change quickly after Patch Tuesday, particularly once researchers compare patched and unpatched SQL Server binaries.
The practical reading of Microsoft’s metrics is therefore straightforward: CVE-2026-54118 is reachable remotely and should be reliable to exploit once an attacker has low-level authorized access. SQL Server administrators now need to determine which servicing branch each instance follows, deploy the corresponding July 14, 2026 update, and confirm that every reachable server has advanced beyond its vulnerable build threshold.
Published through the Microsoft Security Response Center on July 14, 2026, the flaw affects update branches spanning SQL Server 2016 through SQL Server 2025. Administrators should treat network-reachable database servers as the priority and deploy the applicable July 2026 SQL Server security update after the usual availability and application testing.
Network Reachability Expands the Attack Surface
The CVSS designation Attack Vector: Network, written as AV:N, means the vulnerable SQL Server component can be reached through a network connection. An attacker does not need physical access to the database host, an interactive Windows logon, or the ability to execute a malicious program locally before attempting exploitation.That network could be the public Internet, but AV:N does not automatically mean every affected SQL Server is Internet-exploitable. The attacker still needs a route to the SQL Server service, whether that route exists through direct public exposure, an internal network, a VPN, a compromised workstation, a cloud virtual network, or another system with access to the database tier.
This distinction matters because many production SQL Server instances are not publicly exposed but remain reachable from large portions of a corporate network. In a ransomware or intrusion scenario, an attacker who has compromised one endpoint may be able to probe database servers that were considered protected simply because they sat behind the perimeter firewall.
Network segmentation therefore remains relevant even after patching begins. SQL Server traffic should be restricted to application servers, management systems, and explicitly approved clients rather than accepted from entire user VLANs or broad cloud address ranges.
Internet-facing SQL Server endpoints deserve immediate review. Administrators should check public IP assignments, Azure and third-party cloud firewall rules, NAT configurations, SQL Server Browser exposure, and inbound access to static or dynamically assigned database ports.
Low Complexity Does Not Mean No Prerequisites
The AC:L rating means Microsoft does not believe exploitation depends on unusual timing, a rare system state, extensive target-specific research, or circumstances outside the attacker’s control. Once an attacker can reach the vulnerable component and satisfy the access requirement, a working payload should produce repeatable results.That makes CVE-2026-54118 more concerning than a vulnerability rated Attack Complexity: High. High-complexity flaws may require a race condition, heap grooming, interception of another connection, or a precise configuration. Microsoft’s AC:L assessment indicates that those kinds of exceptional conditions are not necessary here.
The underlying weakness is categorized as CWE-502, deserialization of untrusted data. Deserialization flaws occur when software reconstructs an object or data structure from attacker-influenced input without enforcing sufficient validation. In dangerous cases, crafted serialized content can cause the application to instantiate unexpected objects or enter a code path that leads to arbitrary code execution.
Microsoft’s public description remains concise and does not provide the payload format, affected SQL Server feature, or a detailed exploitation sequence. That restraint limits immediate defensive signature development, but it also avoids handing attackers a ready-made technical blueprint while organizations deploy the updates.
Crucially, AC:L says nothing about authentication. The complete CVSS vector reportedly includes Privileges Required: Low, or PR:L, which aligns with Microsoft’s description of an “authorized attacker.” The attacker needs some level of permitted access before attempting to trigger the deserialization flaw.
That prerequisite lowers the risk compared with a pre-authentication RCE carrying PR:N, but it does not make the issue routine. Database credentials can be stolen from application configuration files, deployment pipelines, developer workstations, connection strings, service accounts, or previously compromised servers. An attacker may also begin with a minimally privileged SQL login and use CVE-2026-54118 to cross the boundary from database access to code execution.
Supported SQL Server Branches Need Separate Updates
The CVE record identifies affected servicing branches across multiple generations of SQL Server. These include SQL Server 2016 SP3, SQL Server 2017, SQL Server 2019, SQL Server 2022, and SQL Server 2025, with separate entries for General Distribution Release and Cumulative Update servicing tracks.Published fixed-build thresholds include:
- SQL Server 2016 SP3 GDR installations must reach build 13.0.6500.1 or later.
- SQL Server 2016 SP3 Azure Connect Feature Pack installations must reach build 13.0.7095.1 or later.
- SQL Server 2017 CU31 installations must reach build 14.0.3540.1 or later, while the GDR branch must reach 14.0.2120.1 or later.
- SQL Server 2019 CU32 installations must reach build 15.0.4480.2 or later, while the GDR branch must reach 15.0.2180.2 or later.
- SQL Server 2022 CU25 installations must reach build 16.0.4262.2 or later, while the GDR branch must reach 16.0.1190.2 or later.
- SQL Server 2025 GDR installations must reach build 17.0.1125.2 or later.
SQL Server patching is more involved than applying a normal Windows cumulative update. Database teams need to inventory standalone servers, failover cluster instances, Always On availability-group replicas, development systems, reporting servers, and disaster-recovery nodes. Passive replicas and servers that are rarely started can otherwise remain vulnerable long after primary production instances have been updated.
Updating only the Windows operating system is not sufficient unless the applicable SQL Server security package is also delivered and installed through the organization’s selected servicing mechanism. Administrators should verify the resulting SQL Server engine version directly instead of relying solely on a deployment tool’s success status.
Patch Priority Depends on Access, Not Just Internet Exposure
The highest-priority systems are SQL Server instances that accept connections from untrusted or broadly populated networks. Publicly reachable servers, shared hosting environments, database-as-an-application back ends, and instances accessed by contractors or large developer groups present clearer opportunities for an authorized attacker to reach the vulnerable code.Internal databases still warrant prompt action. The combination of AV:N and AC:L makes the flaw potentially useful after an attacker obtains credentials or an initial foothold. In that setting, CVE-2026-54118 could become part of a lateral-movement chain rather than the first step into the organization.
While updates are tested, administrators can reduce exposure by narrowing firewall rules, reviewing SQL logins, disabling unused accounts, rotating credentials that may have leaked into configuration repositories, and monitoring for unusual connections from workstations or application servers. Removing direct Internet access is an especially important interim measure, but it does not replace the security update.
Microsoft’s initial disclosure does not, by itself, establish that exploitation has been observed in the wild or that public proof-of-concept code is available. Those conditions can change quickly after Patch Tuesday, particularly once researchers compare patched and unpatched SQL Server binaries.
The practical reading of Microsoft’s metrics is therefore straightforward: CVE-2026-54118 is reachable remotely and should be reliable to exploit once an attacker has low-level authorized access. SQL Server administrators now need to determine which servicing branch each instance follows, deploy the corresponding July 14, 2026 update, and confirm that every reachable server has advanced beyond its vulnerable build threshold.
References
- Primary source: MSRC
Published: 2026-07-14T07:00:00-07:00
Security Update Guide - Microsoft Security Response Center
msrc.microsoft.com