In a nutshell: A critical remote code execution vulnerability in SharePoint Server is already being actively exploited and requires immediate patching.
The US Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerability CVE-2026-45659 in Microsoft SharePoint Server (CVSS 8.8) to its catalog of actively exploited vulnerabilities after evidence of exploits in the wild has emerged.
CVE-2026-45659 is a remote code execution vulnerability caused by insecure deserialization of unvalidated data. The classification as critical (CVSS 8.8) reflects the high risk to affected systems.
For CISOs, inclusion in the CISA Known Exploited Vulnerabilities (KEV) catalog means this vulnerability is already being actively used by attackers in the field. This goes beyond theoretical threat and requires escalation in patch prioritization.
Affected environments should immediately deploy Microsoft security updates. Interim measures such as network segmentation of SharePoint servers and monitoring for suspicious deserialization activities are recommended until patches are available and deployed.
Source: thehackernews.com · Published July 2, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification through Lumi News Pipeline v1.7.2.