VYPR
Unrated severityCISA KEVNVD Advisory· Published Jul 8, 2025· Updated Feb 13, 2026

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2025-49704

Description

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

1