Attackers need little more than a valid SharePoint account to execute code on vulnerable on prem servers Microsoft prediction that attackers probably wouldnt rush to exploit a newly patched SharePoint bug hasnt aged especially well. CISA has added CVE 2026 45659, a remote code execution flaw in on premises Microsoft SharePoint Server, to its Known Exploited Vulnerabilities KEV catalog after confirming that crimes are now actively exploiting it in the wild. The bug stems from an insecure...