ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
CRITICAL Vulnerabilities

CISA adds Microsoft SharePoint RCE CVE-2026-45659 to KEV amid active exploitation

Source headline: SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation

Threat level Critical
Signal strength 85/100
Source confidence 1 source
Published 2 hours ago

Intelligence Summary

CISA has added a high-severity Microsoft SharePoint Server remote code execution flaw, CVE-2026-45659, to its KEV catalog. The issue involves RCE caused by deserialization of untrusted data. CISA cited evidence indicating the vulnerability is being actively exploited in the wild. With a reported CVSS score of 8.8, the flaw presents a serious risk to exposed SharePoint deployments. Organizations should check whether they are affected and apply the vendor’s recommended fixes or mitigations immediately.

Recommended Action

Prioritize immediate review, validate exposure, and patch or mitigate affected systems.

Topics

#kev #rce #cisa #cve-2026-45659 #deserialization #sharepoint
Original reporting The Hacker News SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
Open original source