Microsoft · SharePoint Server
Updated July 2, 2026
A deserialization of untrusted data vulnerability in Microsoft SharePoint Server allows remote code execution. This vulnerability can be exploited by an authorized attacker, making it a significant concern for organizations. As it has been recently added to the CISA Known Exploited Vulnerabilities list, immediate attention is required.
If left unpatched, this vulnerability can lead to remote code execution, potentially resulting in data breaches and system compromise. Attackers could leverage this vulnerability to gain initial access to a network, making it a critical concern for security teams.
Apply the latest security updates to Microsoft SharePoint Server as soon as possible, and consider implementing additional security measures such as network segmentation and monitoring. Ensure that all affected systems are patched to prevent potential exploitation.