CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

Summary

Microsoft SharePoint has a deserialization of untrusted data vulnerability that allows remote code execution by unauthorized attackers. Users are instructed to apply mitigations provided by the vendor, following CISA's guidance on prioritizing security updates and forensic triage requirements.

IFF Assessment

FOE

This vulnerability allows unauthorized remote code execution, posing a significant risk to systems and data.

Severity

9.8 Critical

The CVSS score is estimated to be high (9.8) due to the critical impact of remote code execution, the availability of network attack vectors, and the lack of significant user interaction required to exploit it.

CISA KEV: Listed as actively exploited. Federal patch due: July 19, 2026. Known ransomware use: Unknown.

Defender Context

This vulnerability in Microsoft SharePoint allows for remote code execution, making it a critical target for attackers. Defenders should prioritize applying vendor-provided mitigations and adhere to CISA's guidance for timely patching, especially considering the federal due date.

Read Full Story →