CVE-2026-20958: Microsoft SharePoint Information Disclosure Vulnerability

Overview

Severity

Medium (CVSS 5.4)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C

Category

Information Disclosure

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2026-Jan

Released

2026-01-13

Last Updated

2026-01-14

EPSS Score

0.07% (percentile: 20.7%)

Description

Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network.

FAQ

What type of information could be disclosed through this issue? The vulnerability may allow limited exposure of data returned from outbound requests SharePoint makes on the attacker’s behalf, such as external HTTP responses or basic network metadata, but not internal network content or sensitive server information. According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability? An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).

Affected Products (3)

Microsoft Office

• Microsoft SharePoint Enterprise Server 2016
• Microsoft SharePoint Server 2019
• Microsoft SharePoint Server Subscription Edition

Security Updates (3)

• 5002828
• 5002825
• 5002822

Acknowledgments

<a href="https://telefonica.com/">Telef&#243;nica Ninja Team</a>, <a href="https://telefonica.com/">Telef&#243;nica Ninja Team</a>

Revision History

• 2026-01-13: Information published.
• 2026-01-14: Updated acknowledgment. This is an informational change only.