cve-2026-35439

CVE-2026-35439 is a Microsoft SharePoint Server remote code execution vulnerability disclosed on May 12, 2026, with an Important severity rating. The flaw stems from deserialization of untrusted data, affecting SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016. While Microsoft has stated that exploitation is less likely, not public, and not observed in the wild, the vulnerability is network-reachable and resides in a sensitive on-premises collaboration platform. SharePoint administrators are advised to treat CVE-2026-35439 as a patch-now priority rather than a wait-and-see issue, given the potential impact of authenticated RCE in enterprise environments.