Security · 2h ago
CISA Flags Actively Exploited SharePoint RCE Bug in KEV Catalog
CISA added CVE-2026-45659, a high-severity SharePoint Server remote code execution flaw, to its Known Exploited Vulnerabilities catalog after confirmation of active attacks. The bug, with a CVSS score of 8.8, stems from deserialization of untrusted data. Organizations are urged to apply Microsoft's patch immediately.
Meridian48 take
While the CVSS score is high, the real urgency comes from CISA's KEV listing, which signals active exploitation and makes this a must-patch for any organization using SharePoint.
Read the full reporting
SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation →
The Hacker News
sharepointcisa-kev