CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data
Microsoft SharePoint Deserialization of Untrusted Data Vulnerability. Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.
- CISA KEV-listed (remediation due 2026-07-19)
- EPSS 1.3% (67.1% percentile)
- CVSS 9.8 critical