CISA added CVE-2026-45659, a remote code execution vulnerability in Microsoft SharePoint, to its Known Exploited Vulnerabilities catalog due to active exploitation. The flaw, affecting SharePoint Server Subscription Edition, Server 2019, and Enterprise Server 2016, allows authenticated attackers to execute code without elevated privileges. Federal agencies are required to patch the issue by July 4, 2026.
CVE-2026-45659, a high-severity remote code execution vulnerability, affects Microsoft SharePoint Server. It allows authenticated attackers with Site Member permissions to execute arbitrary code, impacting the SharePoint Server Subscription Edition, Server 2019, and Enterprise Server 2016.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed active exploitation of this vulnerability. The flaw stems from deserialization of untrusted data and does not require elevated privileges, so exploitation is feasible with low complexity.
CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog. The agency emphasized an urgent need for federal agencies to patch affected systems by July 4, 2026, to mitigate the risks associated with its exploitation.
Microsoft released a security patch in May 2026 addressing this vulnerability. Organizations using affected SharePoint versions must apply it promptly to secure their systems from potential breaches.
The addition of CVE-2026-45659 to CISA's catalog underscores the critical need for vigilance in patching vulnerable systems. Organizations must prioritize updates to prevent exploitation and protect their networks.
This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors. Check the original sources.
CISA has confirmed that a high-severity remote code execution vulnerability in Microsoft SharePoint, tracked as CVE-2026-45659, is being actively exploited. This flaw allows low-privileged authenticated attackers to execute arbitrary code on vulnerable servers, posing significant risks especially for federal agencies that must secure their systems by a mandated deadline.
CISA has identified a high-severity vulnerability (CVE-2026-45659) in Microsoft SharePoint Server being actively exploited by threat actors. This flaw allows attackers with site member permissions to execute arbitrary code, emphasizing the need for urgent patching by organizations.
CISA added CVE-2026-45659, a high-severity remote code execution vulnerability in Microsoft SharePoint Server, to its Known Exploited Vulnerabilities catalog due to active exploitation. This flaw allows authenticated attackers to execute code without elevated privileges, impacting network security for federal agencies required to apply patches by July 4, 2026.