KB5002854

Details

Description of the security update for SharePoint Server 2019: April 14, 2026 (KB5002854)

Applies To

SharePoint Server 2019

Summary

Important:

If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager (KB5002799) to your farm before you install this cumulative update.
If you're currently running the Classic version of Workflow Manager, you have to enable the debug flag in order to continue using it.

$farm = Get-SPFarm

$farm.ServerDebugFlags.Add(53601)

$farm.update()

iisreset

This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2026-32201.

Notes:

This is build 16.0.10417.20114 of the security update package.
To apply this security update, you must have the release version of Microsoft SharePoint Server 2019 installed on the computer.

Improvements and fixes

This security update contains improvements and fixes for the following nonsecurity issue in SharePoint Server 2019:

Fixes an issue in which some SharePoint pages don't render.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the...

Affected Packages

Microsoft SharePoint Server 2019

Windows 10 (1507)Windows 10 (1607) / Server 2016Windows 10 (1809) / Server 2019Windows 10 (1903)Windows 10 (1909)

Fixed in:

16.0.10417.20114

References

ADVISORY

https://www.microsoft.com/en-us/download/details.aspx?id=108608