VDB

GCVE-110-NCSC-2025-315

GCVE-110-NCSC-2025-315
Advisory PublishedCVSS 8.8/10
Vulnetix · Advisory published October 14, 2025
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code remotely, posing a significant security risk.

Weaknesses (CWE)

CWE-20Improper Input ValidationCWE-125Out-of-bounds ReadCWE-502Deserialization of Untrusted DataCWE-416Use After FreeCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-248Uncaught Exception

Risk Scores

CVSS 3.1
8.8/10
High · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
Microsoftvers:unknown/*

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›