Sharepoint Server 2016 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (113 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-47298	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-10	8 High
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-47639	1 Microsoft	5 Sharepoint Enterprise Server 2016, Sharepoint Server, Sharepoint Server 2016 and 2 more	2026-06-10	5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-48560	1 Microsoft	5 Sharepoint Enterprise Server 2016, Sharepoint Server, Sharepoint Server 2016 and 2 more	2026-06-09	5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45458	1 Microsoft	11 365 Apps, Office 2019, Office 2021 and 8 more	2026-06-09	8.4 High
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45485	1 Microsoft	11 365 Apps, Office 2016, Office 2019 and 8 more	2026-06-09	3.3 Low
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-44819	1 Microsoft	11 365 Apps, Office 2016, Office 2019 and 8 more	2026-06-09	7.8 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2024-49065	1 Microsoft	7 365 Apps, Office, Office Long Term Servicing Channel and 4 more	2026-06-09	5.5 Medium
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-49062	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	6.5 Medium
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2024-49070	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	7.4 High
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2024-49068	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	8.2 High
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2024-49064	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	6.5 Medium
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2024-43503	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	7.8 High
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2026-47637	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45464	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-48562	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45484	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	8.8 High
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
CVE-2026-45481	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	7.3 High
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-47640	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45465	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45462	1 Microsoft	3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019	2026-06-09	4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Page 1 of 6. next last »