本页列出影响 microsoft sharepoint_server_2016 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2026-58277 | Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. | [email protected] | 8.8 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-56192 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | [email protected] | 5.5 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-56157 | Improper access control in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55142 | Numeric truncation error in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | [email protected] | 5.5 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55135 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55134 | Stack-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55132 | Double free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55130 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55128 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55127 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55126 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 7.3 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55125 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55124 | Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | [email protected] | 5.5 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55121 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | [email protected] | 5.5 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55055 | Stack-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55052 | Missing authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. | [email protected] | 8.8 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55051 | Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network. | [email protected] | 6.5 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55050 | Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | [email protected] | 5.5 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55047 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | [email protected] | 5.5 | — | 2026-07-14 | 2026-07-14 |
| CVE-2026-55045 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | [email protected] | 8.4 | — | 2026-07-14 | 2026-07-14 |