CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-26114

criticalcovered by 1 sourcefirst seen 2026-03-25
On 17 March 2026, Microsoft updated one of its January 2026 security advisories related to a remote code execution vulnerability in Microsoft SharePoint. Specifically, Microsoft raised the CVSS score and changed the FAQ section to indicate that the vulnerability could be exploited by an unauthenticated attacker. This vulnerability was added in the CISA's Known Exploited Vulnerabilities (KEV) catalogue on 18 March 2026. Additionally, three further RCE flaws affecting Microsoft SharePoint were addressed in the March 2026 release. CERT-EU strongly recommends updating SharePoint servers as soon as possible, prioritising internet-facing assets. CERT-EU also encourages IT administrators to take necessary remediation actions.

CSIRTS triage

What
A remote code execution vulnerability can be exploited by unauthenticated attackers.
Who is affected
Deployments of Microsoft SharePoint are affected, especially internet-facing assets.
Urgency
Remediation is critical due to the high CVSS score and active exploitation.
Action
Update SharePoint servers as soon as possible.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-26114

Get an email if CVE-2026-26114 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-26114

CVE.org record

Embed the live status

CVE-2026-26114 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-26114 status](https://www.csirts.com/badge/CVE-2026-26114)](https://www.csirts.com/cve/CVE-2026-26114)