Home / Jul 03, 2026 / Story
0
#3 The Hacker News general July 02, 2026 at 05:46 UTC

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation

By [email protected] (The Hacker News)

AI Summary

CISA added CVE-2026-45659, a CVSS 8.8 remote code execution vulnerability in Microsoft SharePoint Server caused by deserialization of untrusted data, to its Known Exploited Vulnerabilities catalog after confirming active in-the-wild exploitation. The flaw was patched in May 2026, giving organizations a narrow remediation window before attackers moved. SharePoint Server admins should verify patch status immediately per CISA's Binding Operational Directive 22-01 timelines.

Relevance score: 85.0/100

# More from July 03