3054 matches found
CVE-2026-58277
CVE-2026-58277 is a Microsoft SharePoint elevation-of-privilege vulnerability (Office SharePoint). The entry cites improper authorization that lets an authenticated attacker elevate privileges over the network. CVSS 3.1 base score 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and ...
CVE-2026-55135
CVE-2026-55135 concerns a cross-site scripting spoofing vulnerability in Microsoft Office SharePoint. The connected sources identify the affected product as Microsoft SharePoint Server (part of Office/SharePoint), and describe the root cause as improper neutralization of input during web page gen...
CVE-2026-55052 Microsoft SharePoint Elevation of Privilege Vulnerability
...
CVE-2026-55052
CVE-2026-55052 concerns a privilege-elevation flaw in Microsoft SharePoint (Office SharePoint). The description across sources is a missing authorization vulnerability that could let an authorized attacker elevate privileges over a network. Affected components/versions are centered on Microsoft O...
CVE-2026-55126 Microsoft SharePoint Server Spoofing Vulnerability
...
CVE-2026-55034
CVE-2026-55034 affects Microsoft Office SharePoint (SharePoint Server) and is triggered by improper neutralization of input during web page generation, enabling an authorized attacker to spoof over a network. The CVSS 3.1 base score is 7.3 (HIGH): network attack vector, low attack complexity, pri...
CVE-2026-55030
CVE-2026-55030 affects Microsoft Office SharePoint (Server). The vulnerability is caused by improper neutralization of input during web page generation, enabling spoofing over a network by an authorized attacker. The associated CVSS 3.1 base score is 4.6 (Medium) with network access, low attack c...
CVE-2026-55021
CVE-2026-55021 affects Microsoft SharePoint Server (Office/SharePoint component). The issue is caused by improper neutralization of input during web page generation, enabling an authorized attacker to spoof over the network via a malicious link or page. The CVSSv3.1 score is 7.3 (High) with Netwo...
CVE-2026-55019
CVE-2026-55019 describes an "Improper neutralization of input during web page generation" (XSS) in Microsoft Office SharePoint, enabling an authorized attacker to spoof content over the network. Multiple connected sources confirm: affected product is SharePoint Server (Microsoft Office/SharePoint...
CVE-2026-55016
CVE-2026-55016 is a SharePoint-related issue affecting Microsoft Office SharePoint, described as improper neutralization of input during web page generation (XSS) that enables spoofing over a network by an authorized attacker. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N) yields a bas...
CVE-2026-50522 Microsoft SharePoint Remote Code Execution Vulnerability
...
CVE-2026-50522 Microsoft SharePoint Remote Code Execution Vulnerability
...
Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network...
CVE-2026-45454
Improper limitation of a pathname to a restricted directory 'path traversal' in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
CVE-2026-47298
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
CVE-2026-47636
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-48562 Microsoft SharePoint Server Spoofing Vulnerability
...
CVE-2026-48560 Microsoft SharePoint Server Spoofing Vulnerability
...
CVE-2026-48560 Microsoft SharePoint Server Spoofing Vulnerability
...
CVE-2026-45484 Microsoft SharePoint Elevation of Privilege Vulnerability
...