Skip to content

CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

  • by

​The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly patched security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by July 19, 2026.

The vulnerability in question is CVE-2026-58644 (CVSS score: 9.8), a critical deserialization The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly patched security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by July 19, 2026.

The vulnerability in question is CVE-2026-58644 (CVSS score: 9.8), a critical deserialization  The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *