本ページは microsoft sharepoint_server に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-47294 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.0 | 0.06% | 2026-06-01 | 2026-06-03 |
| CVE-2026-45659 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.8 | 0.86% | 2026-05-22 | 2026-05-27 |
| CVE-2026-40368 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.0 | 0.65% | 2026-05-12 | 2026-05-13 |
| CVE-2026-40367 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. | [email protected] | 8.4 | 0.06% | 2026-05-12 | 2026-06-01 |
| CVE-2026-40365 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.8 | 0.06% | 2026-05-12 | 2026-06-01 |
| CVE-2026-40357 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.8 | 1.15% | 2026-05-12 | 2026-05-13 |
| CVE-2026-35439 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.8 | 1.15% | 2026-05-12 | 2026-05-13 |
| CVE-2026-33112 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.8 | 1.15% | 2026-05-12 | 2026-05-13 |
| CVE-2026-33110 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.8 | 1.15% | 2026-05-12 | 2026-05-13 |
| CVE-2026-32201 KEV | Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 6.5 | 8.92% | 2026-04-14 | 2026-05-28 |
| CVE-2026-20945 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.05% | 2026-04-14 | 2026-05-06 |
| CVE-2026-26114 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.8 | 1.47% | 2026-03-10 | 2026-03-13 |
| CVE-2026-26113 | Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. | [email protected] | 8.4 | 0.03% | 2026-03-10 | 2026-03-13 |
| CVE-2026-26106 | Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.8 | 0.16% | 2026-03-10 | 2026-03-13 |
| CVE-2026-26105 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 8.1 | 0.06% | 2026-03-10 | 2026-03-13 |
| CVE-2026-21511 | Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 7.5 | 0.35% | 2026-02-10 | 2026-02-11 |
| CVE-2026-21260 | Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 7.5 | 0.05% | 2026-02-10 | 2026-02-11 |
| CVE-2026-20963 KEV | Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network. | [email protected] | 9.8 | 5.29% | 2026-01-13 | 2026-04-01 |
| CVE-2026-20959 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.22% | 2026-01-13 | 2026-01-14 |
| CVE-2026-20958 | Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network. | [email protected] | 5.4 | 0.17% | 2026-01-13 | 2026-01-14 |