Back to advisories

Fresh SharePoint Vulnerability Exploited Soon After Disclosure

Microsoft SharePoint RCE vulnerability CVE-2026-58644 (CVSS 9.8) is actively exploited in the wild following July 2026 Patch Tuesday disclosure. Authenticated attackers with Site Owner privileges can execute arbitrary code via deserialization flaws. All organizations running affected SharePoint versions are at immediate risk.

CRITICALAdvisoryJul 19, 2026
Action required
Patch all SharePoint instances to latest July 2026 updates immediately. Prioritize federal systems per CISA BOD 26-04 three-day mandate. Hunt logs for Site Owner account abuse, suspicious deserialization activity, and post-exploitation artifacts on SharePoint servers.
Affected products
Microsoft SharePointFortinet FortiSandboxMicrosoftFortinet