Active Exploitation of Microsoft SharePoint Flaw CVE-2026-45659 Confirmed
ID: 1dca3849-7fee-5502-913a-99a9095a29a6
STIX ID: report--1dca3849-7fee-5502-913a-99a9095a29a6
Feed Name: ThreatCluster
CVE-2026-45659 is a critical remote code execution vulnerability in Microsoft SharePoint (affecting SharePoint Server Subscription Edition, 2019, and Enterprise Server 2016) caused by untrusted data deserialization; CISA has added it to its Known Exploited Vulnerabilities catalog and mandated federal patching by July 4, 2026. Microsoft released a patch on May 21, 2026, but bulletin details were omitted; organizations are urged to verify patch levels and enact incident response if not updated.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
