logo

Active Exploitation of Microsoft SharePoint Flaw CVE-2026-45659 Confirmed

ID: 1dca3849-7fee-5502-913a-99a9095a29a6

STIX ID: report--1dca3849-7fee-5502-913a-99a9095a29a6

Feed Name: ThreatCluster

Threat Score
75/100

Date Published: 2026-07-04

Date Updated: 2026-07-04

...
...

CVE-2026-45659 is a critical remote code execution vulnerability in Microsoft SharePoint (affecting SharePoint Server Subscription Edition, 2019, and Enterprise Server 2016) caused by untrusted data deserialization; CISA has added it to its Known Exploited Vulnerabilities catalog and mandated federal patching by July 4, 2026. Microsoft released a patch on May 21, 2026, but bulletin details were omitted; organizations are urged to verify patch levels and enact incident response if not updated.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.