www.cisa.gov 7/14/2026, 10:23:46 PM · external

CISA KEV Flags SharePoint Privilege Escalation Bug CVE-2026-56164

Developing story vulnerability 7 articles tracked
Microsoft issues record Patch Tuesday update for July 2026 with 622 patches including two exploited zero-days
CyberSIXT Evidence Panel
Primary Source msrc.microsoft.com
CISA KEV Listed in KEV
Patch Patch Available

THE page describes the Known Exploited Vulnerabilities (KEV) Catalog maintained by CISA to assist the cybersecurity community in managing vulnerabilities exploited in the wild. Organizations are encouraged to use the KEV catalog for prioritization in vulnerability management. It details a specific vulnerability, CVE-2026-56164, affecting Microsoft SharePoint Server, which allows unauthorized elevation of privileges due to missing authentication. The catalog also offers information on updates, recommendations for mitigation, and ways to subscribe for updates on new vulnerabilities.

View Primary Source Via www.cisa.gov

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline