CISA: Microsoft SharePoint RCE flaw now actively exploited

CISA: Microsoft SharePoint RCE flaw now actively exploited
CISA has warned that attackers are actively exploiting CVE-2026-45659, a high-severity Microsoft SharePoint remote code execution flaw that can let authenticated users run arbitrary code on unpatched servers. Microsoft has issued updates for affected SharePoint versions, while CISA has added the issue to its Known Exploited Vulnerabilities Catalog and ordered federal agencies to patch exposed systems quickly. #CVE-2026-45659 #MicrosoftSharePoint #CISA #BOD-26-04

Keypoints

  • CISA says CVE-2026-45659 is being exploited in the wild.
  • The flaw affects Microsoft SharePoint servers and enables remote code execution.
  • An authenticated attacker with Site Member permissions can trigger the bug.
  • Microsoft released fixes for SharePoint Enterprise Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition.
  • CISA added the flaw to its KEV catalog and ordered federal agencies to patch it by Saturday.

Read More: https://www.bleepingcomputer.com/news/security/cisa-microsoft-sharepoint-rce-flaw-now-actively-exploited/