CVE-2026-20958: Microsoft SharePoint Information Disclosure Vulnerability

CVE-2026-20957: Microsoft Excel Remote Code Execution Vulnerability

CVE-2026-21226: Azure Core shared client library for Python Remote Code Execution Vulnerability

CVE-2026-20941: Host Process for Windows Tasks Elevation of Privilege Vulnerability

CVE-2026-20935: Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability

**What type of information could be disclosed through this issue?**

The vulnerability may allow limited exposure of data returned from outbound requests SharePoint makes on the attacker’s behalf, such as external HTTP responses or basic network metadata, but not internal network content or sensitive server information.

Headline

CVE-2026-20958: Microsoft SharePoint Information Disclosure Vulnerability

Microsoft Security Response Center: Latest News