On the evening of July 18, 2025, Eye Security was the first in identifying large-scale exploitation of a new SharePoint remote code execution (RCE) vulnerability chain in the wild. Read how we found it & what we did afterwards.
These CVEs are only for On-Prem Sharepoint. Not Office/Microsoft 365 Sharepoint, which is the cloud based one integrated into Teams, underlying behind Onedrive, etc.
So not as chaotic or wide reaching as you might be thinking.
First time ever that’s happened.
. . . right?
Sharepoint is in fuckin everything now so this is probably gonna be a fun one.
These CVEs are only for On-Prem Sharepoint. Not Office/Microsoft 365 Sharepoint, which is the cloud based one integrated into Teams, underlying behind Onedrive, etc.
So not as chaotic or wide reaching as you might be thinking.