Emerging Threat: (CVE-2026-56164) SharePoint Server Privilege Escalation via Missing Authentication
CVE-2026-56164 is a privilege escalation vulnerability in on-premises Microsoft SharePoint Server, caused by a missing authentication check on a critical function (CWE-306). An unauthenticated attacker can exploit it over a network, with no credentials and no user interaction required. The vulnerability carries a CVSS v3.1 base score of 5.3 (Medium), and Microsoft rates it Moderate.