Sharepoint Server Security Vulnerabilities and Issues — Sharepoint Server CVE List

Lucene search

MicrosoftSharepoint Server

6 matches found

CVE-2025-53770

Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network.Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild.Microsoft is preparing and fully testing a comprehensive update to address this vulner...

9.8CVSS6.8AI score0.0304EPSS

CVE•added 2025/07/08 5:15 p.m.•49 views

CVE-2025-49704

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.9AI score0.00296EPSS

CVE•added 2025/07/08 5:15 p.m.•43 views

CVE-2025-49706

Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.5AI score0.00044EPSS

CVE•added 3 days ago•24 views

CVE-2025-53771

Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

7.1CVSS7.4AI score0.00127EPSS

CVE•added 2025/07/08 5:15 p.m.•18 views

CVE-2025-49701

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.8AI score0.00126EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.3AI score0.00062EPSS