NVD HIGH: CVE-2026-33110 — Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Tuesday, May 12, 2026 at 06:17 PM UTC·Source: NIST NVD

Updated: Monday, May 18, 2026 at 11:00 AM UTC

Executive Summary

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Analysis

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. CVSS Score: 8.8. Published: 2026-05-12T18:17:03.497.

Indicators of Compromise (1)

CVE (1)

CVE-2026-33110

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 12, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

Interpol Launches Sweeping Cybercrime Crackdown in MENA Region

Over 200 people were arrested in an anti-cybercrime operation that spanned 13 countries across the Middle East and North Africa

9m agoInfosecurity Magazine

MEDIUMVulnerabilityNEW

Grafana says stolen GitHub token let hackers steal codebase

Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. [...]

23m agoBleepingComputer

LOWVulnerabilityNEW

CMC Markets launches spread-betting account for retail clients

CMC Markets (“CMC”), a FTSE 250 company and global leader in multi-asset online trading and investing, has launched Spectre for retail clients, following strong demand after the product was initially introduced for professional traders.

27m agoFinextra