CyberSec.Space Logo
Back to CVE Browser

CVE-2026-32201

Known Exploited (CISA KEV)MEDIUM
6.5
CVSS Severity Score
EPSS Score77.6460%
EPSS Percentile95.18th
PublishedApr 14, 2026
Last ModifiedMay 28, 2026

Vulnerability Description

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

Affected Platforms (CPE)

📦
Microsoft

Sharepoint Server

< 16.0.19725.20210
📦
Microsoft

Sharepoint Server

= 2016
📦
Microsoft

Sharepoint Server

= 2019

References & Advisories

🔗 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32201
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32201

Related Vulnerabilities

CVE-2013-133010.0

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Off...

CVE-2020-15959.9

<p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data inpu...

CVE-2020-12109.9

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an a...

CVE-2020-10259.8

An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OA...