返回 CVE 浏览器

CVE-2026-32201

Known Exploited (CISA KEV)MEDIUM

6.5

CVSS Severity Score

EPSS Score77.6460%

EPSS Percentile95.18th

Published2026年4月14日

Last Modified2026年5月28日

Vulnerability Description

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

Affected Platforms (CPE)

📦

Microsoft

Sharepoint Server

< 16.0.19725.20210

📦

Microsoft

Sharepoint Server

= 2016

📦

Microsoft

Sharepoint Server

= 2019

References & Advisories

🔗 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32201

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32201

相关漏洞威胁

CVE-2013-133010.0

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Off...

CVE-2020-15959.9

<p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data inpu...

CVE-2020-12109.9

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an a...

CVE-2020-10259.8

An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OA...