Primary

Context

Microsoft SharePoint Server Remote Code Execution Vulnerability

Vulnerability

Patched

A remote code execution vulnerability exists in Microsoft Office SharePoint due to insufficient granularity of access control. This flaw allows an authorized attacker to execute arbitrary code over the network. The vulnerability affects multiple versions of SharePoint Server, including SharePoint Server 2016 and SharePoint Enterprise Server 2016.

Impact

Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected SharePoint Server.

Remediation

Users should install the security update available for this vulnerability. For SharePoint Server 2016, the same update applies to SharePoint Enterprise Server 2016.

Added: May 12, 2026, 7:42 PM

Updated: May 12, 2026, 7:42 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

4.9

remediation

7.7

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

4.9

remediation

7.7

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft SharePoint Server Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Office SharePoint

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating