← volver
CVE-2026-47294

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS 8 HIGHEPSS 0.6%CWE-78
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
01 jun 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Improper neutralization of special elements used in an os command ('os command injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C