CVE-2026-32201

MEDIUM KEV

Microsoft SharePoint Server Spoofing Vulnerability

Title source: cna

Description

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

Exploits (1)

nomisec WORKING POC
by B1tBit · poc
https://github.com/B1tBit/CVE-2026-32201-exploit

References (2)

Scores

CVSS v3 6.5
EPSS 0.0794
EPSS Percentile 92.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Details

CISA KEV 2026-04-14
VulnCheck KEV 2026-04-14
ENISA EUVD EUVD-2026-22587
CWE
CWE-20
Status published
Products (6)
Microsoft/Microsoft SharePoint Enterprise Server 2016 16.0.0 - 16.0.5548.1003
Microsoft/Microsoft SharePoint Server 2019 16.0.0 - 16.0.10417.20114
Microsoft/Microsoft SharePoint Server Subscription Edition 16.0.0 - 16.0.19725.20210
microsoft/sharepoint_server 2016
microsoft/sharepoint_server 2019
microsoft/sharepoint_server < 16.0.19725.20210
Published Apr 14, 2026
KEV Added Apr 14, 2026
Tracked Since Apr 14, 2026