CVE Catalog

CVE-2026-47634

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.56%

43th percentile - higher than 43% of all known CVEs

Summary

A vulnerability in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. The issue is due to improper neutralization of special elements in output used by a downstream component.

Risk Assessment

An attacker can impersonate a trusted user or system, potentially leading to data theft, fraud, or loss of trust within the organization.

Recommendation

Apply the security update provided by Microsoft for Microsoft Office SharePoint immediately. Test the patch in a non-production environment before deployment.

Original NVD description (English source)

Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS