Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

CVE-2026-45659 (CVSS 8.8) lets authenticated SharePoint Site Members execute remote code. Patches are out now for SharePoint Server 2016, 2019, and Subscription Edition.

What’s new: Microsoft has released security patches for a remote code execution vulnerability in SharePoint Server tracked as CVE-2026-45659 (CVSS score: 8.8). The flaw allows authenticated attackers holding Site Member permissions to execute arbitrary code remotely on the affected SharePoint Server — a significant risk in enterprise environments where SharePoint is widely used for document management and collaboration.

Who’s affected

All major SharePoint Server versions are affected, including:

  • SharePoint Server Subscription Edition
  • SharePoint Server 2019
  • SharePoint Enterprise Server 2016

What to do

  • Apply Microsoft’s latest security updates for your SharePoint Server version immediately — patches are available now.
  • Audit SharePoint site membership and revoke Site Member permissions from any accounts that do not require them.
  • Monitor SharePoint server logs for unusual authenticated activity, particularly from accounts with elevated site-level access.
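
One way to run the membership audit from the list above, as an added example rather than Microsoft's own tooling. It assumes the SharePoint Management Shell on a farm server, treats "Site Member" as membership in each site's default Members group, and uses a hypothetical output file name.

```powershell
# Added example: list who sits in each site's default Members group.
# Run from the SharePoint Management Shell as a farm administrator.
# Assumption: "Site Member" means membership in the site's associated Members group.

$report = foreach ($site in Get-SPSite -Limit All) {
    try {
        foreach ($web in $site.AllWebs) {
            try {
                # Subsites that inherit permissions reuse the parent's groups,
                # so only root webs and webs with unique permissions are reported.
                if (-not $web.IsRootWeb -and -not $web.HasUniqueRoleAssignments) { continue }

                $group = $web.AssociatedMemberGroup
                if ($null -eq $group) { continue }

                foreach ($user in $group.Users) {
                    [pscustomobject]@{
                        WebUrl        = $web.Url
                        Group         = $group.Name
                        LoginName     = $user.LoginName
                        DisplayName   = $user.Name
                        # True when the entry is an AD/security group, which
                        # grants Member rights to everyone inside that group.
                        IsDomainGroup = $user.IsDomainGroup
                    }
                }
            }
            finally { $web.Dispose() }
        }
    }
    finally { $site.Dispose() }
}

# Review domain groups first: one entry can cover many accounts.
$report |
    Sort-Object -Property @{ Expression = 'IsDomainGroup'; Descending = $true }, WebUrl |
    Export-Csv -Path .\sharepoint-site-members.csv -NoTypeInformation

# Quick per-site count to spot unexpectedly large Members groups.
$report | Group-Object WebUrl | Sort-Object Count -Descending |
    Select-Object Count, Name
```

Accounts granted Edit or Contribute directly, or through a custom group, do not appear in this report and need a separate review of each site's role assignments.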
