CISA Adds One Known Exploited Vulnerability to Catalog
Summary
CISA has added CVE-2026-45659, a deserialization vulnerability in Microsoft SharePoint Server, to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. This addition, based on CISA's Binding Operational Directive (BOD) 26-04, requires federal agencies to prioritize the remediation of this high-risk vulnerability on publicly exposed assets.
IFF Assessment
The article highlights a newly identified, actively exploited vulnerability that poses a direct threat to defenders.
Severity
CISA KEV: Listed as actively exploited. Federal patch due: July 04, 2026. Known ransomware use: Unknown.
Defender Context
Defenders should be aware of CVE-2026-45659, particularly if they manage Microsoft SharePoint Server environments. Prioritizing patching and vulnerability management for assets listed in CISA's KEV Catalog is crucial to mitigate risks from actively exploited threats.