CVE Tools
Back to feed
Help Net Security ·EN-US News source Exploited in the wildWindowsActive Directory Federation Services (ADFS)SharePoint Server

AI-driven bug hunting fuels record Microsoft Patch Tuesday

By Zeljka Zorz··4 min read
CVE Tools coverage

Microsoft addressed over 570 vulnerabilities in its July 2026 Patch Tuesday update, including two actively exploited flaws—CVE-2026-56155 and CVE-2026-56164—and one previously disclosed issue, CVE-2026-50661. Among these, CVE-2026-56164 is a critical elevation of privilege vulnerability in SharePoint Server that allows remote exploitation with low complexity. Attackers are already leveraging this flaw, prompting urgent calls for patching. Microsoft also warned about another unpatched Windows EoP vulnerability, CVE-2026-56155, which affects ADFS and is being used in real-world attacks. CISA and other agencies have emphasized the need for rapid remediation and additional hardening measures.