CISA Urges SharePoint Hardening After New Exploitations
CISA Cybersecurity Advisories·11h·Official
CISA is aware of active exploitation of vulnerabilities CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164, enabling cyber threat actors to gain unauthorized access to on-premises SharePoint Server instances. These vulnerabilities affect all supported on-premises SharePoint Server versions (Subscription Edition, 2019, and 2016) and involve establishing remote code execution (RCE) and post-exploitation activities, such as stealing Internet Information Services (IIS) machine keys and performing de
Categories cybersecurity · government-security · privacy · vulnerability
Original source / advisory ↗Published
7/14/2026, 12:00:00 PM
Fetched
7/14/2026, 9:19:06 PM
Trust
official · 100/100
Language
en