The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a high-severity Microsoft SharePoint Server remote code execution vulnerability, CVE-2026-45659, to its Known Exploited Vulnerabilities (KEV) catalog. CISA states there is evidence that the flaw is being actively exploited in the wild. The vulnerability affects Microsoft SharePoint Server and carries a CVSS score of 8.8. According to the reporting, the issue is triggered through remote code execution caused by the deserialization of untrusted data. CISA’s KEV listing functions as a federal directive encouraging organizations to remediate the vulnerability. Multiple outlets note that the flaw was patched in May, and CISA’s warning indicates attackers have started using the patched weakness shortly after remediation became available. The accounts also describe the vulnerability at a high level without detailing specific attacker techniques or indicators. Overall, the sources converge on CISA’s assessment of active exploitation and the identified vulnerability (CVE-2026-45659) affecting SharePoint Server.
CISA Adds Microsoft SharePoint RCE CVE-2026-45659 to KEV After Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a high-severity Microsoft SharePoint Server remote code execution vulnerability, CVE-2026-45659, to its Known Exploited Vulnerabil...
- CISA adds CVE-2026-45659, a high-severity Microsoft SharePoint Server vulnerability, to its KEV catalog.
- CISA cites evidence that the flaw is being actively exploited.
- The vulnerability is a remote code execution issue with a CVSS score of 8.8.
- The reported cause is remote code execution via deserialization of untrusted data.
- Microsoft patched the vulnerability in May, and CISA’s warning follows the start of exploitation.
CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution vulnerability patched in May. [...]
3 hours agoCISA says threat actors are exploiting a recently patched SharePoint remote code execution vulnerability (CVE-2026-45659). The post CISA Warns of Actively Exploited Microsoft SharePoint Vulnerability appeared first on SecurityWeek.
4 hours agoThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-45659 (CVSS score: 8.8), is a case of remote code execution arising from the deserialization of untrusted data. The issue
8 hours ago
EU’s top court dismisses Google’s appeal over record €4.1 billion Android antitrust fine
The European Court of Justice dismisses Google’s appeal against a record European Union antitrust fine tied to its Andro...
Microsoft creates AI deployment company with $2.5 billion commitment
Microsoft launches a new initiative aimed at helping companies adopt artificial intelligence, committing $2.5 billion to...
Rivian raises 2026 delivery forecast after stronger-than-expected Q2 production and sales
Rivian is increasing its 2026 delivery outlook, citing improving production and demand for its current lineup. TechCrunc...