{"data":{"id":"05af1f00-9740-493f-bf3b-dccdcaef9e50","title":"CVE-2026-45659: Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability","summary":"Microsoft SharePoint Server has a deserialization of untrusted data vulnerability (a flaw where the software unsafely processes data from an untrusted source, allowing an attacker to inject malicious code), which lets an authorized attacker run code over a network. This vulnerability is actively being exploited in real attacks. Organizations must apply security updates following CISA's BOD 26-04 guidance by July 4, 2026, or stop using the product if no fix is available.","solution":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA's BOD 26-04 Prioritizing Security Updates Based on Risk guidance. Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. See https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659 for vendor-specific details and https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk for patching guidelines.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-45659","publishedAt":"2026-07-01T00:00:00.000Z","cveId":"CVE-2026-45659","cweIds":["CWE-502"],"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["Microsoft SharePoint Server"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"active","epssScore":0.02781,"patchAvailable":true,"disclosureDate":"2026-07-01T00:00:00.000Z","capecIds":["CAPEC-586"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":["AML.T0010"]}}