CVE-2026-26114 Microsoft — Exploit & Vulnerability Details HIGH

Parameter	Value
CVSS	8.8 (HIGH)
Type	CWE-502 (Deserialization of Untrusted Data (Десериализация недоверенных данных))
Vendor	Microsoft
Public PoC	No

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Attack Parameters

Attack Vector

Network

Атака возможна удалённо

Attack Complexity

Low

Легко эксплуатировать

Privileges Required

Low

Нужны базовые права

User Interaction

None

Не нужно действие пользователя

Impact Assessment

Confidentiality

High

Полная утечка данных

Integrity

High

Полная модификация данных

Availability

High

Полный отказ в обслуживании

CVSS Vector v3.1

Weakness Type (CWE)

CWE-502 Deserialization of Untrusted Data (Десериализация недоверенных данных)

References 1

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26114

secure@microsoft.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-26123

Microsoft

5.5

CVE-2026-26144

Microsoft

7.5

CVE-2026-26134

Microsoft

7.8

CVE-2026-26113

Microsoft

8.4

CVE-2026-26112

Microsoft

7.8

Menu

CVE-2026-26114

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-26123

CVE-2026-26144

CVE-2026-26134

CVE-2026-26113

CVE-2026-26112

CVE Details

Editor's Choice

Menu

CVE-2026-26114

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-26123

CVE-2026-26144

CVE-2026-26134

CVE-2026-26113

CVE-2026-26112

CVE Details

Editor's Choice

Stay informed on cybersecurity