CVE Details
CVE-2026-45659
Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
Published: 2026-07-01
CVSS: 8.8 HIGH
Product: Microsoft SharePoint Server
Due Date: 2026-07-04
Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network.
GitHub PoC
Warning: GitHub PoC repositories are unverified. Some may be fake
or contain malware. Use caution and review code before running anything.
FIRST EPSS
EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.
Timeline
CVE Stalker
KEV
MITRE
GitHub
FIRST (EPSS)
MITRE
CVSS
SSVC
References
Show Raw Data
| Key | Remaining Key | Value |
|---|---|---|
| dataType | CVE_RECORD | |
| dataVersion | 5.2 | |
| cveMetadata > | cveId | CVE-2026-45659 |
| cveMetadata > | assignerOrgId | f38d906d-7342-40ea-92c1-6c4a2c6478c8 |
| cveMetadata > | state | PUBLISHED |
| cveMetadata > | assignerShortName | microsoft |
| cveMetadata > | dateReserved | 2026-05-12T20:33:35.158Z |
| cveMetadata > | datePublished | 2026-05-22T22:04:33.517Z |
| cveMetadata > | dateUpdated | 2026-06-19T16:13:11.304Z |
| containers > | cna > title | Microsoft SharePoint Remote Code Execution Vulnerability |
| containers > | cna > datePublic | 2026-05-21T14:00:00.000Z |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > operator | OR |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > negate | False |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > vulnerable | True |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > criteria | cpe:2.3:a:microsoft:sharepoint_server_2016:*:*:*:*:enterprise:*:*:* |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > versionStartIncluding | 16.0.0 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 0 > versionEndExcluding | 16.0.5552.1002 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > vulnerable | True |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > criteria | cpe:2.3:a:microsoft:sharepoint_server_2019:*:*:*:*:*:*:*:* |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > versionStartIncluding | 16.0.0 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 1 > versionEndExcluding | 16.0.10417.20128 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > vulnerable | True |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > criteria | cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:* |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > versionStartIncluding | 16.0.0 |
| containers > | cna > cpeApplicability > 0 > nodes > 0 > cpeMatch > 2 > versionEndExcluding | 16.0.19725.20280 |
| containers > | cna > affected > 0 > vendor | Microsoft |
| containers > | cna > affected > 0 > product | Microsoft SharePoint Enterprise Server 2016 |
| containers > | cna > affected > 0 > platforms > 0 | x64-based Systems |
| containers > | cna > affected > 0 > versions > 0 > version | 16.0.0 |
| containers > | cna > affected > 0 > versions > 0 > lessThan | 16.0.5552.1002 |
| containers > | cna > affected > 0 > versions > 0 > versionType | custom |
| containers > | cna > affected > 0 > versions > 0 > status | affected |
| containers > | cna > affected > 1 > vendor | Microsoft |
| containers > | cna > affected > 1 > product | Microsoft SharePoint Server 2019 |
| containers > | cna > affected > 1 > platforms > 0 | x64-based Systems |
| containers > | cna > affected > 1 > versions > 0 > version | 16.0.0 |
| containers > | cna > affected > 1 > versions > 0 > lessThan | 16.0.10417.20128 |
| containers > | cna > affected > 1 > versions > 0 > versionType | custom |
| containers > | cna > affected > 1 > versions > 0 > status | affected |
| containers > | cna > affected > 2 > vendor | Microsoft |
| containers > | cna > affected > 2 > product | Microsoft SharePoint Server Subscription Edition |
| containers > | cna > affected > 2 > platforms > 0 | x64-based Systems |
| containers > | cna > affected > 2 > versions > 0 > version | 16.0.0 |
| containers > | cna > affected > 2 > versions > 0 > lessThan | 16.0.19725.20280 |
| containers > | cna > affected > 2 > versions > 0 > versionType | custom |
| containers > | cna > affected > 2 > versions > 0 > status | affected |
| containers > | cna > descriptions > 0 > value | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. |
| containers > | cna > descriptions > 0 > lang | en-US |
| containers > | cna > problemTypes > 0 > descriptions > 0 > description | CWE-502: Deserialization of Untrusted Data |
| containers > | cna > problemTypes > 0 > descriptions > 0 > lang | en-US |
| containers > | cna > problemTypes > 0 > descriptions > 0 > type | CWE |
| containers > | cna > problemTypes > 0 > descriptions > 0 > cweId | CWE-502 |
| containers > | cna > providerMetadata > orgId | f38d906d-7342-40ea-92c1-6c4a2c6478c8 |
| containers > | cna > providerMetadata > shortName | microsoft |
| containers > | cna > providerMetadata > dateUpdated | 2026-06-19T16:13:11.304Z |
| containers > | cna > references > 0 > name | Microsoft SharePoint Remote Code Execution Vulnerability |
| containers > | cna > references > 0 > tags > 0 | vendor-advisory |
| containers > | cna > references > 0 > tags > 1 | patch |
| containers > | cna > references > 0 > url | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659 |
| containers > | cna > metrics > 0 > format | CVSS |
| containers > | cna > metrics > 0 > scenarios > 0 > lang | en-US |
| containers > | cna > metrics > 0 > scenarios > 0 > value | GENERAL |
| containers > | cna > metrics > 0 > cvssV3_1 > version | 3.1 |
| containers > | cna > metrics > 0 > cvssV3_1 > baseSeverity | HIGH |
| containers > | cna > metrics > 0 > cvssV3_1 > baseScore | 8.8 |
| containers > | cna > metrics > 0 > cvssV3_1 > vectorString | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
| containers > | adp > 0 > metrics > 0 > other > type | ssvc |
| containers > | adp > 0 > metrics > 0 > other > content > timestamp | 2026-05-26T00:00:00+00:00 |
| containers > | adp > 0 > metrics > 0 > other > content > options > 0 > Exploitation | none |
| containers > | adp > 0 > metrics > 0 > other > content > options > 1 > Automatable | no |
| containers > | adp > 0 > metrics > 0 > other > content > options > 2 > Technical Impact | total |
| containers > | adp > 0 > metrics > 0 > other > content > role | CISA Coordinator |
| containers > | adp > 0 > metrics > 0 > other > content > version | 2.0.3 |
| containers > | adp > 0 > metrics > 0 > other > content > id | CVE-2026-45659 |
| containers > | adp > 0 > title | CISA ADP Vulnrichment |
| containers > | adp > 0 > providerMetadata > orgId | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
| containers > | adp > 0 > providerMetadata > shortName | CISA-ADP |
| containers > | adp > 0 > providerMetadata > dateUpdated | 2026-05-27T03:55:30.178Z |