PatchSiren cyber security CVE debrief
CVE-2026-48562 Microsoft CVE debrief
CVE-2026-48562 is a MEDIUM severity vulnerability in Microsoft Office SharePoint, with a CVSS score of 4.6. The vulnerability is caused by improper neutralization of input during web page generation, allowing an authorized attacker to perform spoofing over a network. The vulnerability was published on [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-48562) and details can be found on [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-48562).
- Vendor
- Microsoft
- Product
- Microsoft SharePoint Enterprise Server 2016
- CVSS
- MEDIUM 4.6
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-12
Who should care
Users of Microsoft Office SharePoint Server, particularly those with administrative privileges, should be aware of this vulnerability and take necessary precautions.
Technical summary
The vulnerability is caused by improper neutralization of input during web page generation, allowing an authorized attacker to perform spoofing over a network. The CVSS vector for this vulnerability is CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates provided by Microsoft to vulnerable systems.
- Restrict access to SharePoint Server to authorized users only.
- Monitor SharePoint Server logs for suspicious activity.
Evidence notes
The vulnerability is described in [ref-4](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48562), a vendor advisory from Microsoft.
Official resources
-
CVE-2026-48562 CVE record
CVE.org
-
CVE-2026-48562 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
CVE-2026-48562 was published on 2026-06-09T17:17:44.760Z and modified on 2026-06-12T15:38:34.967Z.