CISA has warned that threat actors are actively exploiting CVE-2026-58644, a critical Microsoft SharePoint RCE flaw that was fixed in July 2026 and later added to the KEV catalog. Microsoft also updated its advisory to confirm exploitation, while CISA urged federal agencies to patch related exploited issues in Fortinet FortiSandbox under BOD 26-04. #CVE-2026-58644 #MicrosoftSharePoint #CISA #FortinetFortiSandbox #CVE-2026-25089 #CVE-2026-39808
Keypoints
- CVE-2026-58644 is a critical SharePoint remote code execution vulnerability.
- Microsoft fixed the flaw in its July 2026 Patch Tuesday updates.
- CISA added CVE-2026-58644 to the KEV catalog after exploitation was confirmed.
- The SharePoint issue involves deserialization of untrusted data and can allow remote code execution.
- CISA also listed two exploited Fortinet FortiSandbox command injection flaws, CVE-2026-25089 and CVE-2026-39808.
Read More: https://www.securityweek.com/fresh-sharepoint-vulnerability-exploited-soon-after-disclosure/