Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-26114)

Description

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Remediation

References

Related Vulnerabilities

Joomla! Core Security Bypass (2.5.0 - 3.9.16)

Drupal Core 8.3.0 Security Bypass (8.3.0)

WordPress Plugin Easy Property Listings Unspecified Vulnerability (2.0)

WordPress Plugin AccessPress Anonymous Post Pro Arbitrary File Upload (3.1.9)

phpMyFAQ Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) Vulnerability (CVE-2023-1758)

Severity

High

Classification

CVE-2026-26114 CWE-502 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities