Advertisementspot_img

Oil prices rise as U.S.-Iran hostilities threaten supply through Strait of Hormuz

Oil tankers and cargo vessels remain anchored off Port Sultan Qaboos on June 21, 2026 in Muscat, Oman. Elke Scholiers | Getty ImagesOil prices...
HomeSecurity & JusticeFresh SharePoint Vulnerability Exploited Soon After Disclosure

Fresh SharePoint Vulnerability Exploited Soon After Disclosure

Threat actors have begun exploiting a fresh critical-severity remote code execution (RCE) vulnerability in Microsoft SharePoint, the US cybersecurity agency CISA warns.

Tracked as CVE-2026-58644 (CVSS score of 9.8) and fixed as part of Microsoft’s July 2026 Patch Tuesday updates, the flaw is described as a deserialization of untrusted data issue.

“In a network-based attack, an attacker authenticated as at least a Site Owner could write arbitrary code to inject and execute code remotely on the SharePoint Server,” Microsoft explains.

Microsoft’s security updates resolved several other SharePoint defects, including CVE-2026-56164, which was flagged as exploited in the wild as a zero-day, and CVE-2026-55040, a critical security bypass weakness that could allow attackers to disclose files and modify data.

Although CVE-2026-58644 was not initially marked as exploited, Microsoft has since updated its advisory to note that exploitation was detected and to update the vulnerability’s CVSS score.

On Thursday, two days after warning of the risk posed by these SharePoint security defects, CISA added the CVE to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch it within three days, as mandated by BOD 26-04.

Advertisement. Scroll to continue reading.

The cybersecurity agency also added to the KEV list CVE-2026-25089 and CVE-2026-39808, two OS command injection flaws in Fortinet FortiSandbox that were patched in June and April.

Both security defects allow attackers to execute arbitrary code or commands on vulnerable appliances. In mid-June, exploit intelligence company Defused flagged both as exploited in the wild.

In line with BOD 26-04 recommendations, federal agencies are required to patch the three exploited bugs within three days.

Related: Legacy Systems, Real-World Impacts: The Reality of OT Security

Related: Splunk, Zoom Patch Critical Vulnerabilities

Related: F5 Patches Multiple NGINX, BIG-IP Vulnerabilities

Related: Nightmare Eclipse Drops ‘LegacyHive’ Windows Zero-Day


Source:

www.securityweek.com