BleepingComputer ·EN-US News source Exploited in the wildSharePoint Server
CISA warns admins to patch actively exploited SharePoint flaws
CVE Tools coverage
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning that attackers are actively exploiting three critical vulnerabilities in on-premises SharePoint Server deployments. These flaws—CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164—affect all supported self-hosted versions, including the latest Subscription Edition. Attackers are leveraging these issues to bypass authentication, execute arbitrary code remotely, and maintain persistence by deploying malware. CISA urges administrators to apply available patches immediately and implement additional hardening measures to reduce risk.