PatchSiren cyber security CVE debrief
CVE-2026-45484 Microsoft CVE debrief
CVE-2026-45484 is a HIGH severity vulnerability in Microsoft Office SharePoint, with a CVSS score of 8.8. The vulnerability is caused by deserialization of untrusted data, allowing an authorized attacker to elevate privileges over a network. The CVE was published on 2026-06-09T17:17:22.883Z and last modified on 2026-06-09T19:32:51.440Z.
- Vendor
- Microsoft
- Product
- Microsoft SharePoint Enterprise Server 2016
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Administrators and users of Microsoft Office SharePoint should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by deserialization of untrusted data in Microsoft Office SharePoint, which allows an authorized attacker to elevate privileges over a network. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by Microsoft to fix the vulnerability.
- Restrict access to sensitive areas of the SharePoint instance.
- Monitor for suspicious activity and implement additional security measures as needed.
Evidence notes
The vendor is identified as 'Unknown Vendor' with low confidence, and 'Microsoft' is listed as a candidate evidence with source 'reference_domain_candidate'.
Official resources
-
CVE-2026-45484 CVE record
CVE.org
-
CVE-2026-45484 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-45484 was published on 2026-06-09T17:17:22.883Z and last modified on 2026-06-09T19:32:51.440Z.