本页列出影响 microsoft sharepoint_server 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2026-47641 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.09% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47640 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47639 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47638 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47637 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47636 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47634 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 7.3 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45485 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | [email protected] | 3.3 | 0.05% | 2026-06-09 | 2026-06-11 |
| CVE-2026-45479 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45468 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-11 |
| CVE-2026-45465 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45464 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45462 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45458 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | [email protected] | 8.4 | 0.06% | 2026-06-09 | 2026-06-11 |
| CVE-2026-45456 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | [email protected] | 8.4 | 0.15% | 2026-06-09 | 2026-06-11 |
| CVE-2026-45454 | Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 6.5 | 0.17% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45453 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-44824 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | 0.08% | 2026-06-09 | 2026-06-11 |
| CVE-2026-44821 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | [email protected] | 5.5 | 0.06% | 2026-06-09 | 2026-06-11 |
| CVE-2026-44819 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | 0.08% | 2026-06-09 | 2026-06-11 |