bleeping-computer · Crawled Jul 5, 2026
CISA: Microsoft SharePoint RCE flaw now actively exploited
Read original article ↗AI Summary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a high-severity remote code execution vulnerability in Microsoft SharePoint, tracked as CVE-2026-45659, is now under active exploitation. The flaw allows authenticated attackers with low privileges to execute arbitrary code remotely on unpatched SharePoint servers without user interaction. Microsoft addressed the vulnerability in May 2026 updates, but over 10,000 exposed servers remain at risk. CISA has added the flaw to its Known Exploited Vulnerabilities catalog, mandating federal agencies to patch by a strict deadline.
AI-extracted · verify before operational use
No entities or IoCs were extracted from this article.