Lucene search
K

Description of the security update for SharePoint Server Subscription Edition: January 13, 2026 (KB5002822)

🗓️ 13 Jan 2026 16:00:00Reported by MicrosoftType 
mskb
 mskb
🔗 support.microsoft.com👁 23 Views

SharePoint Server Subscription Edition security update KB5002822 fixes CVEs; install Workflow Manager KB5002799 first and enable Classic Workflow Manager debug flag; adds Version 25H2.

Related
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-20943
13 Jan 202617:56
attackerkb
Information Security Automation
April "In the Trend of VM" (#26): one Microsoft SharePoint vulnerability
28 Apr 202618:00
avleonov
Information Security Automation
About Remote Code Execution - Microsoft SharePoint (CVE-2026-20963) vulnerability
3 Apr 202617:00
avleonov
BDU FSTEC
The vulnerability of the Microsoft SharePoint Server software, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
14 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the Microsoft SharePoint Server software lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.
14 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server lies in the insufficient validation of requests on the server side, allowing attackers to disclose sensitive information.
14 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the Click-to-Run package services for Microsoft Office and Microsoft SharePoint Server allows a hacker to enhance their privileges.
15 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server’s software packages, related to deserialization mechanism flaws, allows attackers to execute arbitrary code.
21 Jan 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of Microsoft SharePoint Server and Microsoft SharePoint Enterprise Server packages lies in insufficient data validation, which allows attackers to perform cross-site scripting attacks.
26 Jan 202600:00
bdu_fstec
Circl
CVE-2026-20943
13 Jan 202618:01
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

13 Jan 2026 16:00Current
7High risk
Vulners AI Score7
CVSS 3.15.4 - 9.8
EPSS0.2943
SSVC
23