Skip to main content

Microsoft SharePoint Remote Code Execution Vulnerability CVE-2026-33112

Successful exploitation of CVE-2026-33112 could allow an authorised attacker to achieve remote code execution on SharePoint servers via authenticated network access

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Successful exploitation of CVE-2026-33112 could allow an authorised attacker to achieve remote code execution on SharePoint servers via authenticated network access


Threat details

Proof-of Concept exploit for CVE-2026-33112

A security researcher has released proof-of-concept exploit code for CVE-2026-33112.

The NHS England National CSOC assesses exploitation as likely.


Introduction

Microsoft has released security updates to address a high severity vulnerability in SharePoint Server. Successful exploitation of CVE-2026-33112 could allow an authorised attacker to achieve remote code execution on SharePoint servers via authenticated network access.

  • CVE-2026-33112 - Deserialisation of Untrusted Data vulnerability - CVSS v3.1 score - 8.8

Remediation advice

Affected organisations are encouraged to review Microsoft's Security Update Guide - CVE-2026-33112 advisory and apply the relevant update as soon as possible.



Last edited: 9 July 2026 11:59 am