**Name of the Vulnerable Software and Affected Versions:**

Microsoft SQL Server (affected versions not specified)

**Description:**

Improper input validation in Microsoft SQL Server allows an unauthorized attacker to disclose sensitive information over a network. The vulnerability, identified as CVE-2025-49719, has been publicly disclosed and is already being exploited in the wild. Approximately 2.9 million services are found to be affected yearly. The vulnerability allows a remote, unauthenticated attacker to access data from uninitialized memory.

**Recommendations:**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.