CVE Tools
Back to feed
SecurityWeek ·EN-US News source Exploited in the wildMicrosoft SharePointCreative Mail WordPress Plugin

CISA Urges Immediate Patching of Exploited SharePoint Vulnerabilities

By Ionut Arghire··2 min read
CVE Tools coverage

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about actively exploited vulnerabilities in Microsoft SharePoint, including the zero-day flaw CVE-2026-56164. This privilege escalation bug allows unauthenticated attackers to execute malicious actions remotely and was recently patched by Microsoft. CISA added it to its Known Exploited Vulnerabilities catalog and urges organizations to apply updates immediately. Additional critical flaws like CVE-2026-55040 and CVE-2026-58644 were also addressed in recent security updates. These issues could lead to remote code execution and data theft if left unpatched.