Microsoft Patches Critical SharePoint RCE Vulnerability (CVE-2026-45659)

Microsoft has released security updates to address a serious remote code execution (RCE) vulnerability affecting Microsoft SharePoint that could allow attackers to execute malicious code over a network.

The flaw, tracked as CVE-2026-45659, has received a CVSS score of 8.8 and is classified as an “Important” severity issue.

According to Microsoft, the vulnerability stems from the deserialization of untrusted data in SharePoint. If successfully exploited, an authenticated attacker could remotely execute code on vulnerable SharePoint servers without needing administrative privileges or any special attack conditions.

Microsoft explained that an attacker needs, at minimum, only Site Member permissions to exploit the flaw in a network-based attack scenario. This lowers the barrier to exploitation, making timely patching especially important for organizations running on-premises SharePoint environments.

Affected SharePoint Versions

Security updates have been released for the following SharePoint editions:

  • SharePoint Server Subscription Edition
  • SharePoint Server 2019
  • SharePoint Enterprise Server 2016

Microsoft credited a security researcher known as MEOW for responsibly disclosing the vulnerability.

SharePoint Continues to Be a Target

The latest patch follows another recently addressed SharePoint issue, CVE-2026-32201, a spoofing vulnerability that Microsoft confirmed had already been exploited in real-world attacks.

Although Microsoft currently considers CVE-2026-45659 less likely to be actively exploited, cybersecurity experts continue to warn that SharePoint vulnerabilities are frequently targeted by threat actors due to the platform’s widespread enterprise adoption and access to sensitive organizational data.

Why Organizations Should Patch Immediately

Even when vulnerabilities are not under active exploitation, delaying updates can expose organizations to unnecessary risk. Attackers often analyze newly released patches to reverse-engineer vulnerabilities and develop exploit techniques shortly after disclosure.

Organizations using affected SharePoint Server versions are strongly advised to apply Microsoft’s latest security updates as soon as possible to reduce exposure and strengthen their overall security posture.
