CISA has ordered federal agencies to patch CVE-2026-45659, a high-severity Microsoft SharePoint Server remote code execution flaw now being actively exploited. The risk is material because a low-privileged authenticated user can trigger code execution on vulnerable on-prem SharePoint servers, making delayed patching a practical exposure for organizations that rely on SharePoint for collaboration and document workflows.
SharePoint Server Actively Exploited: CISA Orders Patch Before Ransomware Actors Strike
Edward Kiledjian
@ekiledjian