Close Menu

    Subscribe to Updates

    Get the latest Tech news from SynapseFlow

    What's Hot

    This Week’s Awesome Tech Stories From Around the Web (Through July 18)

    July 19, 2026

    A niche iPhone browser quietly fixes my biggest problem with Google Search

    July 19, 2026

    RDP error, The user account has been locked because there were too many logon attempts

    July 19, 2026
    Facebook X (Twitter) Instagram
    • Homepage
    • About Us
    • Contact Us
    • Privacy Policy
    Facebook X (Twitter) Instagram YouTube
    synapseflow.co.uksynapseflow.co.uk
    • AI News & Updates
    • Cybersecurity
    • Future Tech
    • Reviews
    • Software & Apps
    • Tech Gadgets
    synapseflow.co.uksynapseflow.co.uk
    Home»Cybersecurity»Fresh SharePoint Vulnerability Exploited Soon After Disclosure
    Fresh SharePoint Vulnerability Exploited Soon After Disclosure
    Cybersecurity

    Fresh SharePoint Vulnerability Exploited Soon After Disclosure

    The Tech GuyBy The Tech GuyJuly 18, 2026No Comments2 Mins Read0 Views
    Share
    Facebook Twitter LinkedIn Pinterest Email
    Advertisement


    Threat actors have begun exploiting a fresh critical-severity remote code execution (RCE) vulnerability in Microsoft SharePoint, the US cybersecurity agency CISA warns.

    Advertisement

    Tracked as CVE-2026-58644 (CVSS score of 9.8) and fixed as part of Microsoft’s July 2026 Patch Tuesday updates, the flaw is described as a deserialization of untrusted data issue.

    “In a network-based attack, an attacker authenticated as at least a Site Owner could write arbitrary code to inject and execute code remotely on the SharePoint Server,” Microsoft explains.

    Microsoft’s security updates resolved several other SharePoint defects, including CVE-2026-56164, which was flagged as exploited in the wild as a zero-day, and CVE-2026-55040, a critical security bypass weakness that could allow attackers to disclose files and modify data.

    Although CVE-2026-58644 was not initially marked as exploited, Microsoft has since updated its advisory to note that exploitation was detected and to update the vulnerability’s CVSS score.

    On Thursday, two days after warning of the risk posed by these SharePoint security defects, CISA added the CVE to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch it within three days, as mandated by BOD 26-04.

    Advertisement. Scroll to continue reading.

    The cybersecurity agency also added to the KEV list CVE-2026-25089 and CVE-2026-39808, two OS command injection flaws in Fortinet FortiSandbox that were patched in June and April.

    Both security defects allow attackers to execute arbitrary code or commands on vulnerable appliances. In mid-June, exploit intelligence company Defused flagged both as exploited in the wild.

    In line with BOD 26-04 recommendations, federal agencies are required to patch the three exploited bugs within three days.

    Related: Legacy Systems, Real-World Impacts: The Reality of OT Security

    Related: Splunk, Zoom Patch Critical Vulnerabilities

    Related: F5 Patches Multiple NGINX, BIG-IP Vulnerabilities

    Related: Nightmare Eclipse Drops ‘LegacyHive’ Windows Zero-Day

    Advertisement
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    The Tech Guy
    • Website

    Related Posts

    Coca-Cola Suspends US Fairlife Production Due to Ransomware Attack

    July 19, 2026

    Cyberattack Disrupts Operations of Japanese Frozen Food Giant Nichirei

    July 18, 2026

    Industry Reactions to Pentagon Suspending CMMC Phase 2: Feedback Friday

    July 18, 2026

    Beacon Security Raises $13 Million for Security Data Platform

    July 18, 2026

    Podcast: Broken Governance, Agentic AI, and the MindStone Agent Exclusive

    July 17, 2026

    In Other News: Iran Tracks US Military Phones, CrashStealer macOS Malware, CVD Blueprint

    July 17, 2026
    Leave A Reply Cancel Reply

    Advertisement
    Top Posts

    You don’t need a NAS to self-host — I proved it with hardware from my closet

    June 7, 2026282 Views

    Spotify is giving one of its best playlists a big visual upgrade to give subscribers ‘a closer connection’ to its New Music Friday curators — and I think it could be the update it’s always needed

    June 12, 2026171 Views

    The iPad Air brand makes no sense – it needs a rethink

    October 12, 202516 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Advertisement
    About Us
    About Us

    SynapseFlow brings you the latest updates in Technology, AI, and Gadgets from innovations and reviews to future trends. Stay smart, stay updated with the tech world every day!

    Our Picks

    This Week’s Awesome Tech Stories From Around the Web (Through July 18)

    July 19, 2026

    A niche iPhone browser quietly fixes my biggest problem with Google Search

    July 19, 2026

    RDP error, The user account has been locked because there were too many logon attempts

    July 19, 2026
    categories
    • AI News & Updates
    • Cybersecurity
    • Future Tech
    • Reviews
    • Software & Apps
    • Tech Gadgets
    Facebook X (Twitter) Instagram Pinterest YouTube Dribbble
    • Homepage
    • About Us
    • Contact Us
    • Privacy Policy
    © 2026 SynapseFlow All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.