www.cisa.gov 7/2/2026, 12:22:58 AM · external

CISA Flags SharePoint CVE-2026-45659 in KEV Catalog

Developing story vulnerability 5 articles tracked
Microsoft SharePoint Server deserialization flaw (CVE-2026-45659) patched
CyberSIXT Evidence Panel Source marked as original reporting
CISA KEV Listed in KEV
Patch Patch Available

THE page details the Known Exploited Vulnerabilities (KEV) Catalog maintained by CISA, which serves as a resource for organizations to manage and prioritize vulnerabilities that have been exploited in the wild. The catalog includes information about specific vulnerabilities, with emphasis on the CVE-2026-45659 associated with Microsoft SharePoint Server, which allows unauthorized code execution through untrusted data deserialization.

Organizations are encouraged to follow vendor instructions for mitigation and adhere to CISA’s guidelines for security updates. The catalog is available in various formats, including CSV and JSON. Users can also nominate new vulnerabilities for inclusion in the catalog.

View full article

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline