Patch tracker / Products / Microsoft SQL Server 2025 (CU3)
Microsoft SQL Server 2025 (CU3): vulnerabilities and security updates
Every CVE affecting Microsoft SQL Server 2025 (CU3) and the Microsoft update (KB) that fixes it, ranked by real-world risk. Actively exploited (CISA KEV) first, then EPSS exploit probability, on top of CVSS severity.
CVEs
3
Updates (KBs)
10
Actively exploited (KEV)
0
Critical Severity
0
CVEs affecting Microsoft SQL Server 2025 (CU3)
| CVE | Severity | CVSS | EPSS | Status |
|---|---|---|---|---|
| CVE-2026-32167 | High | 8.8 | 0.7% | - |
| CVE-2026-32176 | High | 8.8 | 0.7% | - |
| CVE-2026-33120 | High | 8.8 | 0.7% | - |
Updates (KBs) for Microsoft SQL Server 2025 (CU3)
| Update | Released | Severity | CVSS | EPSS | CVEs | Status |
|---|---|---|---|---|---|---|
| KB5084815 | 2026-04-14 | High | 8.8 | 0.7% | 3 | - |
| KB5083245 | 2026-04-14 | Medium | 6.7 | 0.3% | 2 | - |
| KB5083252 | 2026-04-14 | Medium | 6.7 | 0.3% | 2 | - |
| KB5084814 | 2026-04-14 | Medium | 6.7 | 0.3% | 2 | - |
| KB5084816 | 2026-04-14 | Medium | 6.7 | 0.3% | 2 | - |
| KB5084817 | 2026-04-14 | Medium | 6.7 | 0.3% | 2 | - |
| KB5084818 | 2026-04-14 | Medium | 6.7 | 0.3% | 2 | - |
| KB5084819 | 2026-04-14 | Medium | 6.7 | 0.3% | 2 | - |
| KB5084820 | 2026-04-14 | Medium | 6.7 | 0.3% | 2 | - |
| KB5084821 | 2026-04-14 | Medium | 6.7 | 0.3% | 2 | - |
Ranked across all products on the Microsoft patch tracker and the CVE and vulnerability management reference. Browse every product: product index.
