CVE-2025-49706 — Actively Exploited: SharePoint (Microsoft)
Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow an attacker to view sensitive information and make some changes to disclosed information. This vulnerability could be chained with CVE-2025-
| CVE ID | CVE-2025-49706 |
|---|---|
| Vendor | Microsoft |
| Product | SharePoint |
| Vulnerability name | Microsoft SharePoint Improper Authentication Vulnerability |
| Date added | 2025-07-22 |
| Remediation due | 2025-07-23 |
| Known ransomware use | Known |
| Required action | Disconnect public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS) to include SharePoint Server 2013 and earlier versions. For supported versions, please follow the mitigations according to CISA (URL listed below in Notes) and vendor instructions |
| Description | Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow an attacker to view sensitive information and make some changes to disclosed information. This vulnerability could be chained with CVE-2025-49704. CVE-2025-53771 is a patch bypass for CVE-2025-49706, and the updates for |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →