CVE-2026-50522
Microsoft SharePoint Remote Code Execution Vulnerability
Description
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.
In plain language
AI Act nowCVE-2026-50522 is a Microsoft SharePoint flaw that can let an attacker run malicious code over the network without needing a login; if you run SharePoint (2016/2019/Subscription Edition), you should patch right away.
CVE-2026-50522 is a remote code execution issue in Microsoft SharePoint caused by unsafe deserialization of crafted serialized data received over the network, with no authentication or user interaction required; apply the fixed SharePoint builds for 2016, 2019, and Subscription Edition.
What to do now
- Check which Microsoft SharePoint version you run (Enterprise Server 2016, Server 2019, or Subscription Edition) and confirm the currently installed build number.
- If you are on any affected build, upgrade SharePoint to the fixed version for your edition: Enterprise Server 2016 → 16.0.5561.1001.
- If you are on Microsoft SharePoint Server 2019, upgrade to 16.0.10417.20175.
- If you are on Microsoft SharePoint Server Subscription Edition, upgrade to 16.0.19725.20434.
- After upgrading, verify the new SharePoint build is installed and that the SharePoint services are healthy.
CVSS Vector Breakdown
AV:NAttack VectorAC:LAttack ComplexityPR:NPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:HAvailabilityWeaknesses
Affected Products
Exploitability
Attack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
3 techniquesReferences
- В июле Microsoft исправила рекордные 622 уязвимости в своих продуктахru-ru·Хакер (xakep.ru)· Source-only·
- Цунами уязвимостей: июльский Microsoft Patch Tuesdayru-ru·Kaspersky Daily (RU)· Summary only·
- AI-driven bug hunting fuels record Microsoft Patch Tuesdayen-us·Help Net Security·
- Microsoft and Adobe Patch Tuesday, July 2026 Security Update Reviewen-us·Qualys Security Blog·
- Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilitiesen·Cisco Talos·
- Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attacken·The Hacker News·
- Microsoft Patch Tuesday July 2026 - The AI Acopolypse is Hereen·SANS Internet Storm Center·
- Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Daysen-us·SecurityWeek·
- Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysen-us·BleepingComputer·
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-50522 and every CVE in our database. Create a free account — no credit card required.
Create Free Account