Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
CISA Alerts on SharePoint Security Flaw Exploitation

CISA Alerts on SharePoint Security Flaw Exploitation

Posted on July 2, 2026 By CWS

The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert concerning the active exploitation of a critical vulnerability in Microsoft SharePoint Server. This announcement was made on Wednesday, underscoring the urgency of the situation.

Details of the Vulnerability

Identified as a deserialization of untrusted data flaw, this security issue allows attackers with authentication to execute arbitrary code on compromised SharePoint servers. Tracked as CVE-2026-45659, this vulnerability carries a high severity rating with a CVSS score of 8.8. Microsoft addressed this issue with an emergency security update released in late May.

According to Microsoft’s findings, the vulnerability can be exploited by attackers possessing at least Site Member permissions, without needing elevated access. The company highlighted the ease with which the flaw can be exploited, noting that attackers do not require deep technical knowledge of the system to successfully execute attacks repeatedly.

Impacted SharePoint Versions

The affected versions include SharePoint Server Subscription Edition, SharePoint Server 2019, SharePoint Server 2016, and SharePoint Enterprise Server 2016. Microsoft has emphasized the critical nature of applying the security patches provided to mitigate potential risks.

As part of its efforts to manage security vulnerabilities, CISA has added this particular flaw, CVE-2026-45659, to its Known Exploited Vulnerabilities (KEV) catalog. Federal agencies have been instructed to patch the vulnerability within three days, following the directives of Binding Operational Directive (BOD) 26-04.

Recommendations and Broader Context

While CISA has not disclosed specifics about observed attacks exploiting this vulnerability, it is crucial for all organizations to implement Microsoft’s security patches promptly. SharePoint is a critical component for document sharing and collaboration within numerous enterprises, making it a frequent target for attackers.

This alert follows previous incidents where Microsoft patched a zero-day vulnerability in SharePoint in April, and another flaw in March that was being actively targeted. These incidents highlight the ongoing challenge of securing widely-used enterprise software.

Related security updates include Adobe addressing critical vulnerabilities in ColdFusion and Campaign Classic, Citrix patching NetScaler vulnerabilities, and Apple and Google releasing updates for multiple products.

Security Week News Tags:CISA, CVE-2026-45659, Cybersecurity, federal agencies, IT security, Microsoft SharePoint, security patch, SharePoint Server, software update, Vulnerability

Post navigation

Previous Post: Hackers Exploit CitrixBleed Flaw Within Hours of Disclosure

Related Posts

CISA Faces Challenges Amid DHS Shutdown CISA Faces Challenges Amid DHS Shutdown Security Week News
2025 Sees Surge in Cybersecurity M&A Activity 2025 Sees Surge in Cybersecurity M&A Activity Security Week News
Exploit Released for Unpatched Windows Vulnerability Exploit Released for Unpatched Windows Vulnerability Security Week News
Cyber Risk Trends for 2026: Building Resilience, Not Just Defenses Cyber Risk Trends for 2026: Building Resilience, Not Just Defenses Security Week News
Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks Security Week News
Nissan Confirms Impact From Red Hat Data Breach Nissan Confirms Impact From Red Hat Data Breach Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • CISA Alerts on SharePoint Security Flaw Exploitation
  • Hackers Exploit CitrixBleed Flaw Within Hours of Disclosure
  • AI Browsers Vulnerable to Credential Theft Exploit
  • AI Security Breaches and Email Vulnerabilities Highlighted
  • DHS Confirms HSIN Data Breach by Hackers

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • CISA Alerts on SharePoint Security Flaw Exploitation
  • Hackers Exploit CitrixBleed Flaw Within Hours of Disclosure
  • AI Browsers Vulnerable to Credential Theft Exploit
  • AI Security Breaches and Email Vulnerabilities Highlighted
  • DHS Confirms HSIN Data Breach by Hackers

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark