Remote Code Execution Vulnerability in Microsoft Office SharePoint
CVE-2026-26114
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 10 March 2026
Badges
What is CVE-2026-26114?
CVE-2026-26114 is a remote code execution vulnerability found in Microsoft Office SharePoint, a platform designed for collaboration, document management, and storage system capabilities. This vulnerability arises from the deserialization of untrusted data, which can be exploited by an authorized attacker to execute arbitrary code over a network. The potential negative impact on organizations is significant, as successful exploitation could enable attackers to gain unwarranted control over SharePoint environments, leading to unauthorized access to sensitive data and critical systems.
Potential impact of CVE-2026-26114
-
Unauthorized System Control: Attackers could exploit this vulnerability to execute arbitrary code, allowing them to take full control of affected SharePoint installations. This poses a significant risk of data theft or manipulation.
-
Data Breaches: By executing malicious code, attackers can access confidential documents and data stored within SharePoint, potentially leading to significant data breaches with severe consequences for both organizations and their clients.
-
Increased Risk of Malware Deployment: The ability to run unauthorized code can enable the installation of additional malware or ransomware on affected systems, leading to further compromise of the network and resources and potentially causing operational disruptions.
Affected Version(s)
Microsoft SharePoint Enterprise Server 2016 x64-based Systems 16.0.0 < 16.0.5543.1000
Microsoft SharePoint Server 2019 x64-based Systems 16.0.0 < 16.0.10417.20102