High severity8.8CISA KEVNVD Advisory· Published May 22, 2026· Updated May 27, 2026
CVE-2026-45659
CVE-2026-45659
Description
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Affected products
4cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*+ 3 more
- cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*
- cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*range: <16.0.19725.20280
- (no CPE)
Patches
Vulnerability mechanics
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659nvdVendor Advisory
News mentions
14- Microsoft said exploitation was 'less likely' ... but CISA just added SharePoint RCE to KEV listThe Register Security · Jul 2, 2026
- CISA: Microsoft SharePoint RCE flaw now actively exploitedBleepingComputer · Jul 2, 2026
- CISA Warns of Actively Exploited Microsoft SharePoint VulnerabilitySecurityWeek · Jul 2, 2026
- CISA Warns of Microsoft SharePoint Server Code Execution Vulnerability Exploited in AttacksCyber Security News · Jul 2, 2026
- SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active ExploitationThe Hacker News · Jul 2, 2026
- Microsoft: CVE-2026-45659 Added to CISA KEV Under Active ExploitationVypr Intelligence · Jul 1, 2026
- June 2026 Patch Tuesday forecast: Where are the CVEs?Help Net Security · Jun 5, 2026
- ⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and MoreThe Hacker News · Jun 1, 2026
- Week in review: Infostealer dropped via FortiClient EMS flaw, exploited Trend Micro Apex One flawHelp Net Security · May 31, 2026
- Microsoft Issues Out-of-Band SharePoint PatchDark Reading · May 26, 2026
- Microsoft SharePoint Server Vulnerability Enables Remote Code Execution AttacksCyber Security News · May 26, 2026
- Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server VersionsThe Hacker News · May 26, 2026
- High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)Help Net Security · May 26, 2026
- CISA Adds One Known Exploited Vulnerability to CatalogCISA Alerts