// Alert

Microsoft threat report

Microsoft has released patches for CVE-2026-45659, a high-severity remote code execution vulnerability in SharePoint Server caused by deserialization of untrusted data. The flaw affects SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016, and can be exploited by an authenticated attacker with no user interaction to execute code on a vulnerable server. Microsoft rates the attack complexity as low, noting that an attacker does not need significant prior knowledge of the system to achieve repeatable success against the vulnerable component. No public proof-of-concept or in-the-wild exploitation has been reported, and Microsoft assesses exploitation as less likely, but on-prem SharePoint operators are urged to apply the fixed builds (16.0.19725.20280, 16.0.10417.20128, and 16.0.5552.1002) promptly given SharePoint's history as a target for nation-state actors, ransomware crews, and initial access brokers.

// Get alerts for Microsoft