{"cve":{"cve_id":"CVE-2019-1296","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.07784,"epss_percentile":0.93876,"epss_as_of":"2026-06-23","description":"A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295.","published_at":"2019-09-11T21:25:01Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1296"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:12:04.035753Z"},"effective_severity":null,"badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-sharepoint-enterprise-server","product_name":"Microsoft SharePoint Enterprise Server","version_start":"2016","version_start_inclusive":true,"version_end":"2016","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-sharepoint-enterprise-server:2016:2016"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-sharepoint-foundation","product_name":"Microsoft SharePoint Foundation","version_start":"2013 Service Pack 1","version_start_inclusive":true,"version_end":"2013 Service Pack 1","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-sharepoint-foundation:2013 Service Pack 1:2013 Service Pack 1"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-sharepoint-server","product_name":"Microsoft SharePoint Server","version_start":"2019","version_start_inclusive":true,"version_end":"2019","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-sharepoint-server:2019:2019"}],"exploit_refs":[],"news":[],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1296","source_type":"VENDOR_ADVISORY","tags":["advisory"]}],"timeline":[{"type":"published","at":"2019-09-11T21:25:01Z","label":"CVE published","source":null}]}