Microsoft SharePoint Server RCE Vulnerability (CVE-2026-45659) Added to CISA KEV Catalog After Active Exploitation
CISA has added a high-severity remote code execution (RCE) vulnerability in Microsoft SharePoint Server, tracked as CVE-2026-45659, to its Known Exploited Vulnerabilities (KEV) catalog. This indicates active exploitation of the flaw, which stems from the deserialization of untrusted data and was patched by Microsoft in May 2026. Organizations using SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016 are urged to apply updates.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.