A missing authentication flaw in on-premises Microsoft SharePoint Server lets an unauthenticated attacker escalate privileges over the network, a zero-day Microsoft confirms is already under active exploitation.
Read more about Emerging Threat: (CVE-2026-56164) SharePoint Server Privilege Escalation via Missing Authentication