CISA has flagged a Microsoft SharePoint flaw as actively exploited, and the real story for defenders is how quickly on-prem patching can become an exposure crisis.
A May Microsoft fix has already become a live defensive problem, with public vulnerability records pointing to a high-severity SharePoint server flaw now under attack.
CISA’s addition of CVE-2026-45659 to its exploited-vulnerability catalog puts Microsoft SharePoint Server operators on a short clock, with deserialization risk now treated as an active threat rather than a routine patch item.
Microsoft has pushed out a fix for CVE-2026-45659, an important-severity SharePoint server flaw tied to unsafe deserialization and a CVSS 8.8 score.