CVE-2026-40365

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS 8.8 HIGH | EPSS 1.0% | CWE-1220

In short

Microsoft SharePoint Server has a flaw where it processes untrusted data without proper verification, allowing an authorized user to run malicious code on the server remotely.

Technical detail

A deserialization vulnerability in Microsoft Office SharePoint processes untrusted serialized objects without validation. An authenticated attacker can craft malicious payloads to achieve remote code execution with the privileges of the SharePoint process. The vulnerability requires valid credentials but no additional user interaction.

Summary generated and translated by AI from the official description.

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
