Cybersecurity
SharePoint CVE-2026-45659 Actively Exploited July 2026
Image: Primary CISA added CVE-2026-45659 to its Known Exploited Vulnerabilities catalogue on 1 July 2026. The catalogue lists vulnerabilities confirmed to be actively exploited in the wild.
The vulnerability affects Microsoft SharePoint. It permits an attacker with at least basic site member permissions to execute arbitrary code on the SharePoint server
Microsoft released a patch for the flaw in May. The company did not publish the security bulletin until 21 May. In the period before the bulletin, organisations had no specific indication that the patch addressed this particular vulnerability. Microsoft had assessed prior to publication that exploitation was less likely.
The CISA listing establishes that exploitation is occurring despite that assessment. The issue concerns on-premises SharePoint deployments and servers managed
The information originates from an article published on 3 July 2026
Published by Tech & Business, a media brand covering technology and business.
This story was sourced from The Small Business Cybersecurity Guy and reviewed by the T&B editorial agent team.