3037 matches found
Microsoft SharePoint Server - Authentication Bypass (ToolShell)
Microsoft Office SharePoint Server contains an improper authentication vulnerability that allows unauthorized attackers to perform spoofing over a network. By crafting a POST request to /layouts/15/ToolPane.aspx with a forged Referer header /layouts/SignOut.aspx, attackers can bypass authenticati...
Microsoft SharePoint Server - Authentication Bypass
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. id: CVE-2025-49706 info: name: Microsoft SharePoint Server - Authentication Bypass author: daffainfo severity: medium description: | Improper authentication in Microsoft Offi...
CVE-2026-47294 Microsoft SharePoint Server Remote Code Execution Vulnerability
...
CVE-2026-47294 Microsoft SharePoint Server Remote Code Execution Vulnerability
...
Description of the security update for SharePoint Server 2019: May 12, 2026 (KB5002870)
Description of the security update for SharePoint Server 2019: May 12, 2026 KB5002870 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're currently...
Microsoft SharePoint Server Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
Description of the security update for SharePoint Server Subscription Edition: May 12, 2026 (KB5002863)
Description of the security update for SharePoint Server Subscription Edition: May 12, 2026 KB5002863 Summary Important: If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you'r...
Description of the security update for SharePoint Server 2016: May 12, 2026 (KB5002868)
Description of the security update for SharePoint Server 2016: May 12, 2026 KB5002868 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're currently...
May "In the Trend of VM" (#27): high-profile vulnerabilities in Linux, ActiveMQ, SharePoint, and Adobe Acrobat Reader
May "In the Trend of VM" 27: high-profile vulnerabilities in Linux, ActiveMQ, SharePoint, and Adobe Acrobat Reader. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. While the previous April edition featured only one vulnerability, this one...
KLA91068 ACE vulnerability in Microsoft Office
A remote code execution vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2026-45659 Exploitation Related products Microsoft-SharePoint CVE list CVE-2026-45659 critical KB list 5002863 5002868 5002870...
CVE-2026-40365 Microsoft SharePoint Server Remote Code Execution Vulnerability
...
CVE-2026-40365
CVE-2026-40365 : Microsoft SharePoint Server remote code execution due to insufficient granularity of access control. An authorized attacker can execute code over a network (CVSS v3.1: 8.8, HIGH; AV:N/AC:L/PR:L/UI:N/S:U). Public docs confirm the issue and that Microsoft released security updates ...
CVE-2026-40357
Technical details for CVE-2026-40357 are not publicly available in the provided documents. Monitor for updates from Microsoft and CVE records.
CVE-2026-40357 Microsoft SharePoint Server Remote Code Execution Vulnerability
...
CVE-2026-33112
Technical details for CVE-2026-33112 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
CVE-2026-33112 Microsoft SharePoint Server Remote Code Execution Vulnerability
...
CVE-2026-33110
CVE-2026-33110 describes a deserialization vulnerability in Microsoft SharePoint that could allow an authorized network attacker to execute code. Affected products include Microsoft SharePoint Server variants; the risk is tied to deserializing untrusted data. Remediations are provided by Microsof...
CVE-2026-33110 Microsoft SharePoint Server Remote Code Execution Vulnerability
...
CVE-2026-33110 Microsoft SharePoint Server Remote Code Execution Vulnerability
...
CVE-2026-40368 Microsoft SharePoint Server Remote Code Execution Vulnerability
...