PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-45468 Microsoft CVE debrief

CVE-2026-45468 is a MEDIUM-severity vulnerability (CVSS score of 4.6) affecting Microsoft Office SharePoint. The vulnerability involves improper neutralization of input during web page generation, allowing an authorized attacker to perform spoofing over a network. The vulnerability was published on [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-45468) on 2026-06-09T17:17:21.340Z and last modified on 2026-06-10T20:21:03.393Z. For more information, refer to the [NVD detail page](https://nvd.nist.gov/vuln/detail/CVE-2026-45468). Microsoft has provided a [Vendor Advisory](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45468) for this vulnerability.

Vendor
Microsoft
Product
Microsoft SharePoint Enterprise Server 2016
CVSS
MEDIUM 4.6
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-09
Original CVE updated
2026-06-10
Advisory published
2026-06-09
Advisory updated
2026-06-10

Who should care

Administrators and users of Microsoft Office SharePoint should be aware of this vulnerability and take necessary actions to mitigate it.

Technical summary

The vulnerability is caused by improper neutralization of input during web page generation, allowing an authorized attacker to inject malicious scripts and perform spoofing attacks.

Defensive priority

MEDIUM

Recommended defensive actions

  • Apply patches or updates provided by Microsoft to fix the vulnerability.
  • Implement proper input validation and sanitization to prevent script injection attacks.
  • Monitor SharePoint usage and logs for suspicious activity.

Evidence notes

The vulnerability is confirmed by Microsoft and has a CVSS score of 4.6, indicating a MEDIUM severity level.

Official resources

CVE-2026-45468 was published on 2026-06-09T17:17:21.340Z and last modified on 2026-06-10T20:21:03.393Z.