// Alert

Microsoft 365 threat report

Microsoft has released patches for CVE-2026-45659, a high-severity remote code execution vulnerability in SharePoint Server caused by deserialization of untrusted data. The flaw carries a CVSS score of 8.8 and affects SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016. Exploitation requires an authenticated session but no user interaction, and Microsoft rates the attack complexity as low, meaning a payload can be reused reliably against vulnerable instances. Microsoft assesses exploitation as less likely and no public proof-of-concept is available, but on-prem SharePoint servers have repeatedly been targeted by nation-state actors, ransomware operators, and initial access brokers. Fixes are available in builds 16.0.19725.20280 (Subscription Edition), 16.0.10417.20128 (2019), and 16.0.5552.1002 (2016), and administrators are advised to apply them promptly.

// Get alerts for Microsoft 365