CISA KEV directive for exploited SharePoint CVE-2026-58644
Public Sector Action
Summary
Hide ▲
Show ▼
CISA added CVE-2026-58644 to its KEV catalog and ordered federal agencies to patch it within three days. The directive applies to an exploited Microsoft SharePoint remote code execution flaw and tightens remediation under BOD 26-04. The move accelerates federal response to a vulnerability with exploitation detected.
Related Happenings
Microsoft SharePoint deserialization RCE (CVE-2026-58644)
Vulnerability
H score48
First: 17.07.2026 10:15
Last: 17.07.2026 10:15
Sources 1
How related:
Although CVE-2026-58644 was not initially marked as exploited, Microsoft has since updated its advisory to note that exploitation was detected and to update the vulnerability’s CVSS score.
About this happening:
Microsoft SharePoint CVE-2026-58644 is a critical RCE now confirmed actively exploited in the wild, exposing SharePoint Server to remote code execution. Microsoft...
Microsoft SharePoint deserialization RCE (CVE-2026-58644)
VulnerabilityHow related: Although CVE-2026-58644 was not initially marked as exploited, Microsoft has since updated its advisory to note that exploitation was detected and to update the vulnerability’s CVSS score.
About this happening: Microsoft SharePoint CVE-2026-58644 is a critical RCE now confirmed actively exploited in the wild, exposing SharePoint Server to remote code execution. Microsoft...
CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw
Public Sector Action
H score36
First: 16.06.2026 13:47
Last: 16.06.2026 13:47
Sources 1
About this happening:
CISA added the LiteSpeed cPanel user-end plugin flaw to KEV and ordered Federal Civilian Executive Branch agencies to secure systems within three days under ...
CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw
Public Sector ActionAbout this happening: CISA added the LiteSpeed cPanel user-end plugin flaw to KEV and ordered Federal Civilian Executive Branch agencies to secure systems within three days under ...
CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies
Public Sector Action
H score27
First: 10.06.2026 15:00
Last: 10.06.2026 15:00
Sources 1
About this happening:
CISA issued Binding Operational Directive 26-04 to require federal civilian agencies to prioritize vulnerability remediation using Asset Exposure, KEV Status,...
CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies
Public Sector ActionAbout this happening: CISA issued Binding Operational Directive 26-04 to require federal civilian agencies to prioritize vulnerability remediation using Asset Exposure, KEV Status,...
CISA orders FCEB patching for CVE-2026-9082
Public Sector Action
H score70
First: 26.05.2026 11:46
Last: 26.05.2026 11:46
Sources 1
About this happening:
CISA added CVE-2026-9082 to the KEV Catalog and ordered FCEB agencies to patch Drupal by May 27, turning an actively exploited flaw into a mandatory federa...
CISA orders FCEB patching for CVE-2026-9082
Public Sector ActionAbout this happening: CISA added CVE-2026-9082 to the KEV Catalog and ordered FCEB agencies to patch Drupal by May 27, turning an actively exploited flaw into a mandatory federa...
Federal civilian executive branch agency hit by network compromise
Incident
H score21
First: 24.04.2026 23:34
Last: 24.04.2026 23:34
Sources 1
About this happening:
A federal civilian executive branch agency was compromised in an early September 2025 intrusion that left attackers with persistent access on Cisco Firepower and Sec...
Federal civilian executive branch agency hit by network compromise
IncidentAbout this happening: A federal civilian executive branch agency was compromised in an early September 2025 intrusion that left attackers with persistent access on Cisco Firepower and Sec...
Timeline
-
17.07.2026 10:15 2 articles · 3h ago
CISA orders rapid patching for exploited Microsoft SharePoint CVE-2026-58644
Legal Policy Action UpdateCISA added CVE-2026-58644 to its Known Exploited Vulnerabilities catalog and required federal agencies to patch the Microsoft SharePoint flaw within three days under BOD 26-04 after warning that attackers were exploiting it.
Show sources
- Fresh SharePoint Vulnerability Exploited Soon After Disclosure — www.securityweek.com — 17.07.2026 10:15
- Fresh SharePoint Vulnerability Exploited Soon After Disclosure — www.securityweek.com — 17.07.2026 10:15
-
17.07.2026 10:15 1 articles · 3h ago
Microsoft confirms exploitation in SharePoint CVE-2026-58644 advisory
Technical Analysis UpdateMicrosoft’s July 2026 Patch Tuesday updates fixed CVE-2026-58644, a CVSS 9.8 deserialization of untrusted data flaw in SharePoint, and later updated its advisory to say exploitation was detected after the vulnerability was not initially marked as exploited.
Show sources
- Fresh SharePoint Vulnerability Exploited Soon After Disclosure — www.securityweek.com — 17.07.2026 10:15