Deserialization Vulnerability in Microsoft Office SharePoint
CVE-2026-45659
Key Information:
- Vendor: Microsoft
- CVE Published: 22 May 2026
What is CVE-2026-45659?
CVE-2026-45659 is a critical vulnerability affecting Microsoft Office SharePoint, a platform widely used for collaboration, document management, and storing business data. This vulnerability arises from a flaw in the deserialization process of untrusted data, which potentially allows an authorized attacker to execute arbitrary code over a network. If exploited, it can enable attackers to manipulate the application environment and gain unauthorized control over sensitive data and system resources. The risk is heightened due to SharePoint's integral role in organizational workflows and its common deployment in enterprise settings, making it a significant target for cyber threats.
Potential impact of CVE-2026-45659
- Unauthorized Code Execution: The most direct consequence of this vulnerability is the ability for attackers to execute malicious code without proper authorization. This could lead to the takeover of affected systems, creating opportunities to further compromise organizational networks.
- Data Breach Risks: With the exploitation of this vulnerability, attackers could gain access to sensitive information stored within SharePoint. This exposure could result in severe data breaches, jeopardizing confidential business data and potentially leading to regulatory penalties.
- Disruption of Business Operations: Successful exploitation may lead to significant operational disruptions. An attacker could manipulate SharePoint’s functionality or deploy ransomware, affecting user access and collaboration, ultimately impacting productivity and business continuity.
Affected Version(s)
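- Microsoft SharePoint Enterprise Server 2016 (x64-based Systems): versions from 16.0.0 up to, but not including, 16.0.5552.1002
- Microsoft SharePoint Server 2019 (x64-based Systems): versions from 16.0.0 up to, but not including, 16.0.10417.20128
- Microsoft SharePoint Server Subscription Edition (x64-based Systems): versions from 16.0.0 up to, but not including, 16.0.19725.20280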
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
News Articles
Week in review: Infostealer dropped via FortiClient EMS flaw, exploited Trend Micro Apex One flaw - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Coinflow CISO on crypto payments security under AI
2 weeks ago
High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659) - Help Net Security
A high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint may be exploited in low-complexity attacks.
2 weeks ago
Microsoft Issues Out-of-Band SharePoint Patch
SharePoint access often means access to the keys of the kingdom, something attackers and defenders understand all too well.
2 weeks ago
Timeline
- 💰 Used in Ransomware
- 📈 Vulnerability started trending
- 🟡 Public PoC available
- 👾 Exploit known to exist
- 📰 First article discovered by It Security News
- Vulnerability published
- Vulnerability Reserved