Patch tracker / Products / Microsoft SQL Server 2022 (GDR)
Microsoft SQL Server 2022 (GDR): vulnerabilities and security updates
Every CVE affecting Microsoft SQL Server 2022 (GDR) and the Microsoft update (KB) that fixes it, ranked by real-world risk. Actively exploited (CISA KEV) first, then EPSS exploit probability, on top of CVSS severity.
CVEs
5
Updates (KBs)
9
Actively exploited (KEV)
0
Critical Severity
0
CVEs affecting Microsoft SQL Server 2022 (GDR)
| CVE | Severity | CVSS | EPSS | Status |
|---|---|---|---|---|
| CVE-2025-49719 | High | 8.8 | 10% | - |
| CVE-2025-49717 | High | 8.5 | 10% | - |
| CVE-2025-49718 | High | 8.5 | 10% | - |
| CVE-2024-37334 | High | 8.8 | 1.8% | - |
| CVE-2026-20803 | High | 7.2 | 1.2% | - |
Updates (KBs) for Microsoft SQL Server 2022 (GDR)
| Update | Released | Severity | CVSS | EPSS | CVEs | Status |
|---|---|---|---|---|---|---|
| KB5058712 | 2025-07-08 | High | 8.5 | 10% | 3 | - |
| KB5058713 | 2025-07-08 | High | 8.5 | 10% | 3 | - |
| KB5058721 | 2025-07-08 | High | 8.5 | 10% | 3 | - |
| KB5058722 | 2025-07-08 | High | 8.5 | 10% | 3 | - |
| KB5040711 | 2024-07-09 | High | 8.8 | 1.6% | 1 | - |
| KB5040712 | 2024-07-09 | High | 8.8 | 1.6% | 1 | - |
| KB5072936 | 2026-01-13 | High | 7.2 | 1.2% | 1 | - |
| KB5073031 | 2026-01-13 | High | 7.2 | 1.2% | 1 | - |
| KB5073177 | 2026-01-13 | High | 7.2 | 1.2% | 1 | - |
Ranked across all products on the Microsoft patch tracker and the CVE and vulnerability management reference. Browse every product: product index.
