CVE-2026-45659: Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-45659CVSS 8.8CISA KEVWindows

CVE-2026-45659: Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS
8.8 HIGH
EPSS
86.67%
Known exploited
yes
Product
SharePoint Server

What is known

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Sources