socradar.io 7/2/2026, 9:22:05 AM · external

CISA Flags SharePoint RCE (CVE-2026-45659) for Active Exploitation

CISA Flags SharePoint RCE (CVE-2026-45659) for Active Exploitation
Developing story vulnerability 8 articles tracked
Microsoft SharePoint RCE vulnerability (CVE-2026-45659) actively exploited
CyberSIXT Evidence Panel
Primary Source msrc.microsoft.com
CISA KEV Listed in KEV
Patch Patch Available

CISA has flagged CVE-2026-45659, a vulnerability in Microsoft SharePoint Server, indicating active exploitation. This bug allows remote code execution (RCE) due to deserialization of untrusted data and affects on-premises SharePoint versions below specific build numbers. Remediation is urgent, with a deadline set for July 4, 2026. Although Microsoft released fixes in May 2026, authenticated users with minimal permissions could still exploit this vulnerability. Teams must prioritize patching, verify SharePoint versions, and increase monitoring for suspicious activity to mitigate risks.

View Primary Source Via socradar.io

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline