Home / Jul 18, 2026 / Story
0
#1 The Hacker News general July 17, 2026 at 06:42 UTC

CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

By [email protected] (The Hacker News)

AI Summary

CISA added CVE-2026-58644 (CVSS 9.8), a critical deserialization RCE flaw in Microsoft SharePoint Server, to its Known Exploited Vulnerabilities catalog, mandating Federal Civilian Executive Branch agencies patch by July 19, 2026. Active exploitation was confirmed shortly after disclosure, making this an urgent priority for any organization running SharePoint Server on-premises.

Relevance score: 92.0/100

# More from July 18