AI description
CVE-2026-33112 is a deserialization of untrusted data vulnerability affecting Microsoft Office SharePoint. This flaw allows an authorized attacker to execute code over a network. Specifically, it represents a bypass of a previous patch for CVE-2025-53770, targeting SharePoint's DataSet handling and the XmlValidator security control. The vulnerability enables low-privilege authenticated users to achieve remote code execution by exploiting the `<xsd:import>` and `<xsd:include>` elements. Attackers can reference external XSD schemas hosted on a server they control, effectively bypassing the XmlValidator's inspection logic. A working proof-of-concept exploit for this vulnerability has been publicly released.
- Description
- Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- sharepoint_server
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-502
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
3
5月に修正されたSharePointのデシリアライズ脆弱性CVE-2025-53770のパッチを、外部XSD参照の一手でバイパスして再びRCEに到達する手法がCVE-2026-33112として公開されています。管理者権限は不要で、サイトメンバー程
@MalwareBibleJP
10 Jul 2026
1146 Impressions
0 Retweets
8 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2026-33112: Microsoft SharePoint Server Remote Code Execution Vulnerability Critical Vulnerability Alert! Microsoft SharePoint is affected by CVE-2026-33112. Full Vulnerability Details & Analysis at DarkEye: 🔗 https://t.co/nI2FfZ088O 🔍 Identify Targets via Z
@zoomeye_team
8 Jul 2026
2162 Impressions
11 Retweets
25 Likes
6 Bookmarks
2 Replies
0 Quotes
⚠️ A public PoC exploit has been released for CVE-2026-33112, a critical SharePoint RCE vulnerability that bypasses Microsoft's XmlValidator security control. 🔹 Any low-privilege authenticated site member can trigger it — no elevated access needed 🔹 It's a fresh bypa
@techepages
7 Jul 2026
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*",
"matchCriteriaId": "E9919927-DE08-4AE4-B9F6-2A83117EE14A",
"versionEndExcluding": "16.0.19725.20280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "F815EF1D-7B60-47BE-9AC2-2548F99F10E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]