CVE-2025-49719

Name of the Vulnerable Software and Affected Versions Microsoft SQL Server (affected versions not specified)

Description A vulnerability exists in Microsoft SQL Server due to improper input validation. This allows an unauthorized attacker to disclose sensitive information over a network. The vulnerability has been publicly disclosed and is actively exploited in the wild. Approximately 2.9 million services are potentially affected worldwide. The issue allows a remote, unauthenticated attacker to access data from uninitialized memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.