CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a SharePoint remote code execution zero-day vulnerability, identified as CVE-2026-58644, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is actively exploited in the wild. CISA's directive requires federal agencies to apply mitigations by a specified deadline to protect their networks. The addition to the KEV catalog indicates that the vulnerability poses a significant risk and is being used in real-world attacks. Organizations using SharePoint are urged to take immediate action to address the flaw.
// why it matters
Active exploitation of a SharePoint RCE zero-day requires immediate patching to prevent compromise.