The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that attackers are actively exploiting three vulnerabilities to hack Internet-exposed on-premises SharePoint Server instances.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that attackers are actively exploiting three vulnerabilities to hack Internet-exposed on-premises…

CISA urges immediate patching of five SharePoint vulnerabilities, including three that are actively exploited in the wild.

Three bugs are under active attack, and two more critical holes could add to the pain

Three actively exploited SharePoint vulnerabilities have landed in the KEV catalog, with security experts warning that patching alone won’t prevent business disruption.

Threat actors are exploiting CVE-2026-58644, a Microsoft SharePoint RCE vulnerability patched on the July 2026 Patch Tuesday.