#3
The Hacker News
general
July 02, 2026 at 05:46 UTC
SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
By [email protected] (The Hacker News)
AI Summary
CISA added CVE-2026-45659, a CVSS 8.8 remote code execution vulnerability in Microsoft SharePoint Server caused by deserialization of untrusted data, to its Known Exploited Vulnerabilities catalog after confirming active in-the-wild exploitation. The flaw was patched in May 2026, giving organizations a narrow remediation window before attackers moved. SharePoint Server admins should verify patch status immediately per CISA's Binding Operational Directive 22-01 timelines.
Relevance score: 85.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →