CVE-2026-33112

Published May 12, 2026

Last updated 2 months ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-33112 is a deserialization of untrusted data vulnerability affecting Microsoft Office SharePoint. This flaw allows an authorized attacker to execute code over a network. Specifically, it represents a bypass of a previous patch for CVE-2025-53770, targeting SharePoint's DataSet handling and the XmlValidator security control. The vulnerability enables low-privilege authenticated users to achieve remote code execution by exploiting the `<xsd:import>` and `<xsd:include>` elements. Attackers can reference external XSD schemas hosted on a server they control, effectively bypassing the XmlValidator's inspection logic. A working proof-of-concept exploit for this vulnerability has been publicly released.

Description
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Source
secure@microsoft.com
NVD status
Analyzed
Products
sharepoint_server

Risk scores

CVSS 3.1

Type
Primary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-502

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

3

Configurations

References

Sources include official advisories and independent security research.