Fix-SeptemberCU-Permission-Problem.ps1
Alternatively you can also remove the NT Authority\system account from WSS_WPG and IIS_IUSRS local security groups of the SharePoint machines.
For more details check this article: Trending Issue: SharePoint fixes fail to install after installation of September 2025 CU
Below are the security fixes for the SharePoint OnPrem versions released this month.
SharePoint Server 2016:
- KB 5002868 – SharePoint Server 2016 (language independent)
- KB 5002869 – SharePoint Server 2016 (language dependent)
Microsoft Support recommends to install the complete May 2026 CU for SharePoint 2016 rather than individual security fixes.
SharePoint Server 2019:
- KB 5002870 – SharePoint Server 2019 (language independent)
- KB 5002872 – SharePoint Server 2019 (language dependent)
Microsoft Support recommends to install the complete May 2026 CU for SharePoint 2019 rather than individual security fixes.
SharePoint Server Subscription Edition:
- KB 5002863 – SharePoint Server Subscription Edition
This security fix is identical with May 2026 CU for SharePoint Server Subscription Edition.
Office Online Server:
- KB 5002871 – Office Online Server
Security Vulnerabilities fixed in this PU
| Vulnerability | SP 2016 | SP 2019 | SP SE | OOS | Impact | Max Severity |
|---|---|---|---|---|---|---|
| CVE-2026-33110 | x | x | x | Remote Code Execution | Important | |
| CVE-2026-33112 | x | x | x | Remote Code Execution | Important | |
| CVE-2026-35439 | x | x | x | Remote Code Execution | Important | |
| CVE-2026-40357 | x | x | x | Remote Code Execution | Important | |
| CVE-2026-40359 | x | Remote Code Execution | Important | |||
| CVE-2026-40360 | x | Information Disclosure | Important | |||
| CVE-2026-40362 | x | Remote Code Execution | Important | |||
| CVE-2026-40365 | x | x | x | Remote Code Execution | Critical | |
| CVE-2026-40367 | x | x | x | Remote Code Execution | Critical | |
| CVE-2026-40368 | x | x | x | Remote Code Execution | Important | |
| CVE-2026-45659 | x | x | x | Remote Code Execution | Important | |
| CVE-2026-47294 | x | x | x | Remote Code Execution | Important |
Permalink
Is anyone seeing issues with SharePoint 2019 after installing May 2026 CU? After committing the updates, when I try to access the site(s), the page hangs and never gives an error message.
After install, I reboot the servers and then commit the patches. Then, I update the side-by-side token and clear the configuration cache. This time, I had to reboot the app and wfe servers to restore the sites. But it seems my search application was corrupted and unable to retrieve the topology.
Permalink
I installed the May 2026 CU on 14 SharePoint farms. So far, I have experienced two issues a few times. The issues usually appeared a few days later, after the Windows Servers were restarted.
1️⃣ At least 5 farms had Search Service Application in error state. Search Administration showed “Searchable items: All Errors” and “Search Application Topology: Unable to retrieve topology component health states.”
➡️ After restarting the “SharePoint Search Host Controller” and waiting about a minute, Search worked again.
2️⃣ On at least 2 farms the SharePoint Website response time changed from 0.3 seconds to exactly 80 seconds (which resulted in some timeouts).
➡️ After running PSConfig again, the issue was resolved.
Hope this helps someone else.
Cheers from 🇨🇭,
Benjamin
Permalink
Tried all the steps. Did not resolve the search issue.
Permalink
Is CVE-2026-45659 also addressed by this months security fixes or the next?
Permalink
Hi Marc,
let me get clarity on this.
I will report back.
Cheers,
Stefan
Permalink
Hi Marc,
the information I received is that the fix for CVE-2026-45659 is included in May 2026 CU.
Only the CVE article did not get published in time.
I have updated my blog post as well.
Cheers,
Stefan
Permalink
Hi Stefan!
Im a bit confused about https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659 that is not listed for may months updates but on the CVSs page the May patch is referred. I also found other articles that was pointing to May patch to fix it.
Can you help me straight this out?
Regards
Mattias
Permalink
Hi Mattias,
I have contacted the relevant people to get clarity.
I will report back.
Cheers,
Stefan
Permalink
Hi Mattias,
the information I received is that the fix for CVE-2026-45659 is included in May 2026 CU.
Only the CVE article did not get published in time.
I have updated my blog post as well.
Cheers,
Stefan
Permalink
Hi Stefan!
Thank you very much for the clarification and update!
Regards
Mattias
Permalink
The SharePoint 2019 environment includes Nintex Workflow. The patch updates frameworks and web service communications within SharePoint.
We would like to validate whether applying this KB could have any impact on Nintex functionality in SharePoint.
Before proceeding, we would like to ensure that there are no known issues or considerations specific to Nintex
Permalink
we installed this patch in SP2019 with nintex and didn’t experience any problem neither with Sp nor with Nintex
Permalink
For https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659 exists a new revision (1.1):
…”Information published. This CVE was addressed by updates that were released in May 2026, but the CVE was inadvertently omitted from the May 2026 Security Updates. This is an informational change only. Customers who have already installed the May 2026 updates do not need to take any further action.”…
Best regards
Gerald
Permalink
I would also like to know if CVE-2026-45659 is included in May CU? We already installed it, do we have to install an additional update?
Thanks!
Martina
Permalink
Hi Martina,
yes – the information I received is that the fix for CVE-2026-45659 is included in May 2026 CU.
Only the CVE article did not get published in time.
I have updated my blog post as well.
Cheers,
Stefan
Permalink
thanks very much Stefan for the information, this is really helpful for us!
Regards,
Martina
Permalink
Do we need to be on a sepecific version of sharepoint SE to install this update or does any CU work?
currently on 2025 july cu.
Permalink
Hi Bart,
you can directly upgrade from July 2025 CU.
Cheers,
Stefan
Permalink
Ok thank you.
and for this patch we do not need to run the sharepoint configuration wizard right?
kind regards,
Bart
Permalink
Hi Bart,
all SharePoint fixes require the configuration wizard.
Cheers,
Stefan
Permalink
I have SharePoint 2016 environment do I need to patch it or as it is mentioned that the Max Severity set to ‘Important’ as per Security Update Guide website ?
Permalink
Hi Mahmoud,
Microsoft recommends to evaluate and install all Security Fix as soon as possible.
Cheers,
Stefan
Permalink
Is CVE-2026-47294 also addressed by May 2026 security fixes or the next?
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47294
Permalink
Hi Anders,
it is fixed in May CU. Please have a look at Revision 1.1 at the bottom of the CVE article:
“This CVE was addressed by updates that were released in May 2026, but the CVE was inadvertently omitted from the May 2026 Security Updates. This is an informational change only. Customers who have already installed the May 2026 updates do not need to take any further action.”
Cheers,
Stefan
Permalink
Hello Stefan
we experienced an issue in SP SE environments after installing patch from may. when we select upgrade and migration -> Review database status from central admin after a long waiting period we get something went wrong page. More farms are affected but not all….
sites work well, we don’t see any other problem. We can get info from databases via powershell script
do you have any idea what could be the problem?
thank you in advance
Permalink
Hi Gabor,
sorry, I haven’t seen or heard about such a problem.
Cheers,
Stefan