Description
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Published: 2026-03-10
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Apply Patch
AI Analysis

Impact

The vulnerability is due to improper input validation in Microsoft SharePoint Server, which allows an authorized attacker to execute arbitrary code over the network. Because it enables remote code execution, an attacker could gain full control of the affected SharePoint instance and compromise data confidentiality, integrity, and availability. The weakness is identified as CWE-20 (Improper Input Validation).

Affected Systems

Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, and Microsoft SharePoint Server Subscription Edition are affected. No specific sub‑versions are listed; the vulnerability applies to all builds of these products as indicated by the CPE entries in the advisory.

Risk and Exploitability

With a CVSS score of 8.8, the vulnerability is classified as High; however, the EPSS score is less than 1%, suggesting a low probability of exploitation in the wild. It is not listed in the CISA KEV catalog. Exploitation requires an authenticated attacker, and the CVSS vector records the required privilege level as low (PR:L), so access to the SharePoint instance should be limited to trusted accounts. Once authenticated, an attacker may send specially crafted requests to trigger the code execution path.

Generated by OpenCVE AI on March 16, 2026 at 23:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest official Microsoft security update for SharePoint Server.
  • Verify that the update has been installed and that the vulnerable code paths are removed.

Advisories

No advisories yet.

History

Fri, 13 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*

Tue, 10 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 10 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
Description Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Title Microsoft SharePoint Server Remote Code Execution Vulnerability
First Time appeared Microsoft
Microsoft sharepoint Server
Microsoft sharepoint Server 2016
Microsoft sharepoint Server 2019
Weaknesses CWE-20
CPEs cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*
cpe:2.3:a:microsoft:sharepoint_server_2016:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:microsoft:sharepoint_server_2019:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft sharepoint Server
Microsoft sharepoint Server 2016
Microsoft sharepoint Server 2019
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-03-27T22:33:13.709Z

Reserved: 2026-02-11T15:52:13.909Z

Link: CVE-2026-26106

Vulnrichment

Updated: 2026-03-10T19:43:56.063Z

NVD

Status: Analyzed

Published: 2026-03-10T18:18:38.647

Modified: 2026-03-13T16:00:14.720

Link: CVE-2026-26106

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T14:34:07Z

Weaknesses