本頁列出影響 microsoft sharepoint_server 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2026-48562 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-12 |
| CVE-2026-48560 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.47% | 2026-06-09 | 2026-06-12 |
| CVE-2026-47641 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.09% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47640 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47639 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47638 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47637 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47636 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47634 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 7.3 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-47298 | Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | [email protected] | 8.0 | 0.07% | 2026-06-09 | 2026-06-12 |
| CVE-2026-45485 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | [email protected] | 3.3 | 0.05% | 2026-06-09 | 2026-06-11 |
| CVE-2026-45484 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. | [email protected] | 8.8 | 0.68% | 2026-06-09 | 2026-06-12 |
| CVE-2026-45481 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 7.3 | 0.06% | 2026-06-09 | 2026-06-12 |
| CVE-2026-45479 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45468 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-11 |
| CVE-2026-45467 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-12 |
| CVE-2026-45465 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45464 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45462 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | [email protected] | 4.6 | 0.06% | 2026-06-09 | 2026-06-10 |
| CVE-2026-45458 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | [email protected] | 8.4 | 0.06% | 2026-06-09 | 2026-06-11 |