CISA Warns of Actively Exploited Microsoft SharePoint Deserialization Vulnerability
CVE-2026-45659, a high-severity deserialization flaw in Microsoft SharePoint Server allowing authenticated code execution, is being actively exploited in the wild.
Attack Brief
TargetMicrosoft SharePoint ServerVectorDeserialization of untrusted data leading to arbitrary code executionAttributionunattributed
Technical Details
CVE IDsCVE-2026-45659MITRE ATT&CKT1190AffectedSharePoint Server Subscription Edition, SharePoint Server 2019, SharePoint Server 2016, SharePoint Enterprise Server 2016
Impact
Confirmed DamageActive exploitation confirmed; arbitrary code execution on vulnerable servers
Mitigation
PatchesOut-of-band security update released late May 2026
Context
Similar AttacksApril 2026: SharePoint zero-day exploited in the wild; March 2026: CISA warned of another SharePoint vulnerability targeted in active attacks
Source
https://www.securityweek.com/cisa-warns-of-actively-exploited-microsoft-sharepoint-vulnerability/on 2026-07-02T00:00:00Z2 sources