| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2026-40365 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft SharePoint | Critical | 29-05-2026 |
Technical Information
An authenticated attacker with at least Site Owner access, could exploit insufficient access control in Microsoft Office SharePoint to inject and execute arbitrary code remotely over the network on the vulnerable SharePoint Server.
Patch release date: May 12, 2026
Further information on this vulnerability is available at : CVE-2026-40365
Affected Software
Microsoft SharePoint Enterprise Server 2016,Microsoft SharePoint Server 2019,
Microsoft SharePoint Server Subscription Edition