KB5002843: Fixes the Secure Store Target application “Group claim validation failed” error.

Description of the security update for SharePoint Server Subscription Edition: March 10, 2026 (KB5002843)

Summary

Important:

If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager (KB5002799) to your farm before you install this cumulative update.

If you're currently running the Classic version of Workflow Manager, you have to enable the debug flag in order to continue using it:

$farm = Get-SPFarm
$farm.ServerDebugFlags.Add(53601)
$farm.update()
iisreset

This security update resolves a Microsoft office remote code execution vulnerability, Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerabilities, see the following security advisories:​​​​​​​​​​​​​​

• Microsoft Common Vulnerabilities and Exposures CVE-2026-26113
• ​​​​​​​Microsoft Common Vulnerabilities and Exposures CVE-2026-26106
• ​​​​​​​Microsoft Common Vulnerabilities and Exposures CVE-2026-26105

Improvements and fixes
This security update contains improvements and fixes for the following nonsecurity issues in SharePoint Server Subscription Edition:

• ​​​​​​​Fixes the Secure Store Target application “Group claim validation failed” error.
• Reduces redundant Hybrid Search onboarding requests and increases the retry interval between consecutive failures to 15 minutes.
• Enhances the Hybrid Search onboarding script by using a customer-owned application.
• Fixes an issue in which the SharePoint Administration service doesn't start on Windows Server 2025.