securityonline.info 7/2/2026, 4:41:44 AM · external

Attackers exploit SharePoint RCE bug CVE-2026-45659, patch urged

Attackers exploit SharePoint RCE bug CVE-2026-45659, patch urged
Developing story vulnerability 6 articles tracked
Microsoft SharePoint RCE vulnerability (CVE-2026-45659) actively exploited
CyberSIXT Evidence Panel
Primary Source msrc.microsoft.com
CISA KEV Listed in KEV
Patch Patch Available

A significant vulnerability (CVE-2026-45659) in Microsoft SharePoint Server has been identified, allowing for remote code execution due to unsafe deserialization of untrusted data. This flaw has been actively exploited and added to CISA's Known Exploited Vulnerabilities catalog. Affected versions include SharePoint Server 2016 (16.0.0) and similar editions. The CVSS score is 8.8, indicating a high severity. Patches were released in May 2026, and federal agencies are required to update by July 4, 2026.

SharePoint serves as a crucial target for attackers as it handles sensitive corporate data, necessitating immediate attention and remediation.

View Primary Source Via securityonline.info

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline