Date of Posting: 2026/07/17

【Vulnerability Alert】Two Critical Security Vulnerabilities Exist in Microsoft SharePoint Server

  • Subject: 【Vulnerability Alert】Two Critical Security Vulnerabilities Exist in Microsoft SharePoint Server


  • Description:
    • Forwarded from Taiwan Computer Emergency Response Team / Coordination Center Security Advisory TWCERTCC-200-202607-00000009
    • Microsoft SharePoint Server is an enterprise-grade collaboration platform that provides document management and team collaboration features, serving as the core platform for enterprise information integration. Recently, Microsoft released critical security advisories (CVE-2026-58644, CVSS: 9.8 and CVE-2026-55040, CVSS: 9.1). CVE-2026-58644 is a Deserialization of Untrusted Data vulnerability, which allows an unauthorized attacker to execute arbitrary code over the network. CVE-2026-55040 is a weak authentication vulnerability, which allows an unauthorized attacker to bypass security features over the network.
  • Affected Platforms:
    • Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Server 2019, Microsoft SharePoint Enterprise Server 2016
  • Recommended Actions:

Computer and Communication Center
Network System Division