CVE-2026-47294
Microsoft SharePoint Server Remote Code Execution Vulnerability
Improper neutralization of special elements used in an os command ('os command injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
Microsoft · Microsoft SharePoint Enterprise Server 2016Microsoft · Microsoft SharePoint Server 2019Microsoft · Microsoft SharePoint Server Subscription EditionWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →