CVE-2026-58644

CRITICAL KEV

Microsoft SharePoint Remote Code Execution Vulnerability

Title source: cna
STIX 2.1

Exploitation Summary

CVE-2026-58644 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added July 16, 2026.

Description

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory patch
Microsoft SharePoint Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58644

Scores

CVSS v3 9.8
EPSS 0.0130
EPSS Percentile 67.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable yes
Technical Impact total

Details

CISA KEV 2026-07-16
VulnCheck KEV 2026-07-14
CWE
CWE-502
Status published
Products (6)
Microsoft/Microsoft SharePoint Enterprise Server 2016 16.0.0 - 16.0.5556.1005
Microsoft/Microsoft SharePoint Server 2019 16.0.0 - 16.0.10417.20153
Microsoft/Microsoft SharePoint Server Subscription Edition 16.0.0 - 16.0.19725.20384
microsoft/sharepoint_server 2016
microsoft/sharepoint_server 2019
microsoft/sharepoint_server < 16.0.19725.20434
Published Jul 14, 2026
KEV Added Jul 16, 2026
Tracked Since Jul 14, 2026