Heap-based Buffer Overflow in Microsoft SQL Server ODBC Driver
CVE-2026-42990
9.8CRITICAL
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-42990?
A vulnerability exists in the Microsoft SQL Server ODBC Driver due to a heap-based buffer overflow. This flaw allows unauthorized attackers to execute arbitrary code across a network. By exploiting this issue, attackers can potentially manipulate the system’s memory, leading to unauthorized access and execution of malicious operations.
Affected Version(s)
Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.9339
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.9020
Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.7548