Alex Yao Alex Yao
Back to news
Cyber Security Published on July 1, 2026

Microsoft SharePoint RCE CVE-2026-45659 actively exploited

CISA has added CVE-2026-45659, a high-severity deserialization remote code execution vulnerability in Microsoft SharePoint, to its Known Exploited Vulnerabilities catalog.

The flaw is notable for its low exploitation barrier: attackers only need Site Member permissions to trigger the vulnerability, making it accessible to compromised or malicious insider accounts rather than requiring administrative access.

Researchers have identified more than 10,000 exposed SharePoint servers globally. Microsoft has released patches, and organizations are advised to prioritize patching and review SharePoint access controls.