CVE-2025-49706
Microsoft SharePoint Server Spoofing VulnerabilityImproper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
We have discovered 2,679 live websites that are affected by CVE-2025-49706.
Affected Software
| Product |  Microsoft SharePoint |
| Category | Content Management System |
| Vulnerable Domains | 2,679 live websites (49% of Microsoft SharePoint install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 120 versions ( 45% of all versions) |
Common Weakness Enumeration
CWE-287 Improper AuthenticationDetails
- Published - Jul 8, 2025
- Updated - Oct 21, 2025
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-49706 United States | 1,108 websites |
 Colombia | 136 websites |
 Canada | 113 websites |
 Vietnam | 112 websites |
 Germany | 92 websites |
 France | 91 websites |
 Turkey | 67 websites |
 Australia | 66 websites |
 Italy | 53 websites |
 Saudi Arabia | 48 websites |
Website Distribution by TLD
Number of websites using CVE-2025-49706| .com | 603 websites |
| .org | 241 websites |
| .edu | 87 websites |
| .ca | 87 websites |
| .de | 86 websites |
| .net | 83 websites |
| .fr | 73 websites |
| .es | 35 websites |
| .eu | 29 websites |
| .dk | 28 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-49706
Top websites that are affected by CVE-2025-49706. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ********.****.com | United States | *** | |
| ***.int |  Switzerland | *,*** | |
| ****.**.gov | United States | *,*** | |
| ***************.org | United States | *,*** | |
| *********.***.es |  Spain | **,*** | |
| ******.***.***.au | Australia | **,*** | |
| ***.gov | United States | **,*** | |
| ****.**.gov | United States | **,*** | |
| *********.**********.com | United States | **,*** | |
| *****.ca | Canada | **,*** |
FAQ
CVE-2025-49706 is Improper Authentication in Microsoft SharePoint
A total of 2,679 websites have been identified as vulnerable to CVE-2025-49706, based on global website indexing conducted by WebTechSurvey.
The Microsoft SharePoint is affected by the CVE-2025-49706 vulnerability.
Microsoft SharePoint versions up to 16.0.5508.1000 are vulnerable to CVE-2025-49706.
CVE-2025-49706 is resolved in version 16.0.5508.1000 of Microsoft SharePoint.