Skip to content

Incidents involving:

Microsoft SharePoint Server

Vulnerability exploitOngoing

CISA warns of actively exploited on-premises SharePoint Server flaws (CVE-2026-56164, CVE-2026-45659, CVE-2026-32201)

CISA issued an urgent hardening alert after confirming that attackers were chaining three vulnerabilities in on-premises Microsoft SharePoint Server — including an unauthenticated missing-authentication bug the U.S. National Vulnerability Database rates critical — to reach remote code execution, steal IIS machine keys and deploy malware.

Victim
Microsoft SharePoint Server