Microsoft sharepoint server 2016
This hub aggregates every CVE we track for Microsoft sharepoint server 2016, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
22
CVEs tracked
1
Critical
17
High
1
In CISA KEV
Severity distribution
HIGH17MEDIUM4CRITICAL1
Monthly trend
0
0
0
0
0
0
1
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Microsoft sharepoint server 2016.
- CVE-2025-53770Microsoft SharePoint Server Remote Code Execution VulnerabilityKEV9.8
- CVE-2025-49703Microsoft Word Remote Code Execution Vulnerability7.8
- CVE-2025-21393Microsoft SharePoint Server Spoofing Vulnerability6.3
- CVE-2024-26251Microsoft SharePoint Server Spoofing Vulnerability6.8
- CVE-2022-38009Microsoft SharePoint Server Remote Code Execution Vulnerability8.8
- CVE-2022-38008Microsoft SharePoint Server Remote Code Execution Vulnerability8.8
- CVE-2022-37961Microsoft SharePoint Server Remote Code Execution Vulnerability8.8
- CVE-2022-35823Microsoft SharePoint Remote Code Execution Vulnerability8.8
- CVE-2022-24472Microsoft SharePoint Server Spoofing Vulnerability8.0
- CVE-2021-1712Microsoft SharePoint Elevation of Privilege Vulnerability8.0
- CVE-2020-1023A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vu...8.8
- CVE-2019-1443An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploite...6.5
- CVE-2018-8428An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoin...5.4
- CVE-2018-8161A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." T...7.8
- CVE-2018-0789Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, ak...8.8
Product normalization is registry-driven with AI assist and human review. How it works