Microsoft SharePoint Flaw Enables Remote Code Execution Attacks

ID: fe2d379a-786c-5d84-8302-d649dda25482

STIX ID: report--fe2d379a-786c-5d84-8302-d649dda25482

Feed Name: Cyber Press

Threat Score: 70/100

Date Published: 2026-05-26

Date Updated: 2026-05-26

Author: Lucas Martin

**Microsoft SharePoint RCE (CVE-2026-45659)** — A deserialization vulnerability in on-premises Microsoft SharePoint allows authenticated low-privilege users (Site Member) to achieve remote code execution as the SharePoint service account; Microsoft assigned a CVSS 3.1 base score of 8.8 and released patches (KB5002863, KB5002870, KB5002868) on May 21, 2026. No public exploit code or observed in-the-wild exploitation has been reported; recommended mitigations include immediate patching, restricting Site Member permissions, WAF rules to block malicious serialized payloads, segmentation of SharePoint servers, and continuous log monitoring.