Microsoft has released updates to fix CVE-2026-45659, a high-severity remote code execution flaw in Microsoft SharePoint that could be abused by any authenticated attacker with minimal permissions. The company said the issue was found by MEOW and comes shortly after a separately exploited SharePoint spoofing bug, CVE-2026-32201, was patched. #CVE-2026-45659 #MicrosoftSharePoint #CVE-2026-32201 #MEOW
Keypoints
- Microsoft patched CVE-2026-45659 in SharePoint.
- The flaw enables remote code execution through untrusted deserialization.
- An authenticated attacker with Site Member permissions could exploit it.
- The vulnerability has a CVSS score of 8.8 and is rated important.
- MEOW reported the issue, and Microsoft urged prompt patching after CVE-2026-32201 was exploited in the wild.
Read More: https://thehackernews.com/2026/05/microsoft-patches-sharepoint-rce-flaw.html