{"id":30,"date":"2026-06-27T16:14:16","date_gmt":"2026-06-27T16:14:16","guid":{"rendered":"https:\/\/foursdeathteam.org\/news\/?p=30"},"modified":"2026-06-27T16:49:27","modified_gmt":"2026-06-27T16:49:27","slug":"microsoft-patches-sharepoint-rce-flaw-cve-2026-45659-across-server-versions","status":"publish","type":"post","link":"https:\/\/foursdeathteam.org\/news\/2026\/06\/27\/microsoft-patches-sharepoint-rce-flaw-cve-2026-45659-across-server-versions\/","title":{"rendered":"Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met.<\/p>\n\n\n\n

The vulnerability, tracked as CVE-2026-45659<\/a><\/strong>, carries a CVSS score of 8.8. It has been assigned an important severity.<\/p>\n\n\n\n

“Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network,” Microsoft said in an advisory released last week.<\/p>\n\n\n\n

Microsoft noted that the vulnerability could be triggered by any authenticated attacker, and that it does not require administrator or other elevated privileges.<\/p>\n\n\n\n

“In a network-based attack, an authenticated attacker, who has a minimum of Site Member permissions (PR:L), could execute code remotely on the SharePoint Server,” the Windows maker added.<\/p>\n\n\n\n

\"Cybersecurity\"\/<\/a><\/figure>\n\n\n\n

Microsoft credited a researcher named MEOW for discovering and reporting the flaw. Updates have been released for the following versions –<\/p>\n\n\n\n