Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3838 articles · 175945 vulns · 37/41 feeds (7d)
← Back to list
5.3
CVE-2026-56164KEVEXPLOITEDPATCHED
microsoft · microsoft sharepoint enterprise server

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Description

Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network.

Affected Products

VendorProductVersions
microsoftmicrosoft sharepoint enterprise server16.0.0, 16.0.0, 16.0.0

References

  • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56164(vendor-advisory, patch)

Related News (4 articles)

Tier C
Cisco Talos1h ago
Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities
→ No new info (linked only)
Tier D
The Hacker News1h ago
Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack
→ No new info (linked only)
Tier B
CCCS Canada2h ago
Microsoft security advisory – July 2026 monthly rollup (AV26-698)
→ No new info (linked only)
Tier C
VulDB3h ago
CVE-2026-56164 | Microsoft SharePoint Server Critical Function missing authentication
→ No new info (linked only)
CVSS 3.15.3 MEDIUM
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C
CISA KEV✅ Yes
Actively exploited✅ Yes
Patch available
16.0.5561.100116.0.10417.2017516.0.19725.20434
CWECWE-306
PublishedJul 14, 2026
Last enriched2h agov2
Trending Score137🔥
Source articles4
Independent4
Info Completeness10/14
Missing: epss, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHCVE-2026-56155EXPKEV
Active Directory Federation Services Elevation of Privilege Vulnerability
Trending: 140
HIGHCVE-2026-41091EXPKEV
Microsoft Defender Elevation of Privilege Vulnerability
Trending: 73
CRITICALCVE-2026-48561EXP
Microsoft Copilot Remote Code Execution Vulnerability
Trending: 69
CRITICALCVE-2026-55040EXP
Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a security feature over a network.
Trending: 69
HIGHCVE-2026-50424EXP
Windows Domain Controller Denial of Service Vulnerability
Trending: 68

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 14, 2026
Added to CISA KEV
Jul 14, 2026
Discovered by ZDM
Jul 14, 2026
Updated: description, severity
Jul 14, 2026
Actively Exploited
Jul 14, 2026
Patch Available
Jul 14, 2026

Version History

v2
Last enriched 2h ago
v2Tier C2h ago

Updated severity to CRITICAL, changed description for more technical detail, and noted that no exploit is available.

descriptionseverity
via VulDB
v14h ago

Initial creation