CISA adds SharePoint zero-day to KEV, agencies told to patch by July 19

TL;DR Summary
CISA added CVE-2026-58644, a critical deserialization RCE in Microsoft SharePoint Server, to the Known Exploited Vulnerabilities catalog, with FCEB agencies required to patch by July 19, 2026. Microsoft said the flaw was exploited in the wild before fixes were released (patches issued July 14, 2026). The warning comes as CISA notes ongoing exploitation of multiple on-premises SharePoint vulnerabilities and urges hardening steps: apply patches, enable AMSI, scan for intrusion artifacts, tailor logging, and avoid exposing SharePoint servers to the internet.
- CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV The Hacker News
- Fresh SharePoint Vulnerability Exploited Soon After Disclosure SecurityWeek
- CVE-2026-55040: Microsoft SharePoint JWT Token Authentication Bypass (FIXED) Rapid7
- CISA sounds alarm over trio of exploited SharePoint flaws The Register
- CISA warns of SharePoint vulnerabilities exploited by hackers American Hospital Association
Reading Insights
Total Reads
1
Unique Readers
4
Time Saved
2 min
vs 3 min read
Condensed
83%
478 → 80 words
Want the full story? Read the original article
Read on The Hacker News