Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA KEV directive for exploited SharePoint CVE-2026-58644

Public Sector Action
First reported
Last updated
Happening score
H score 38
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2026-58644 to its KEV catalog and ordered federal agencies to patch it within three days. The directive applies to an exploited Microsoft SharePoint remote code execution flaw and tightens remediation under BOD 26-04. The move accelerates federal response to a vulnerability with exploitation detected.

Related Happenings

Microsoft SharePoint deserialization RCE (CVE-2026-58644)

Vulnerability
H score48 First: 17.07.2026 10:15 Last: 17.07.2026 10:15 Sources 1

How related: Although CVE-2026-58644 was not initially marked as exploited, Microsoft has since updated its advisory to note that exploitation was detected and to update the vulnerability’s CVSS score.

About this happening: Microsoft SharePoint CVE-2026-58644 is a critical RCE now confirmed actively exploited in the wild, exposing SharePoint Server to remote code execution. Microsoft...

CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw

Public Sector Action
H score36 First: 16.06.2026 13:47 Last: 16.06.2026 13:47 Sources 1

About this happening: CISA added the LiteSpeed cPanel user-end plugin flaw to KEV and ordered Federal Civilian Executive Branch agencies to secure systems within three days under ...

CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies

Public Sector Action
H score27 First: 10.06.2026 15:00 Last: 10.06.2026 15:00 Sources 1

About this happening: CISA issued Binding Operational Directive 26-04 to require federal civilian agencies to prioritize vulnerability remediation using Asset Exposure, KEV Status,...

CISA orders FCEB patching for CVE-2026-9082

Public Sector Action
H score70 First: 26.05.2026 11:46 Last: 26.05.2026 11:46 Sources 1

About this happening: CISA added CVE-2026-9082 to the KEV Catalog and ordered FCEB agencies to patch Drupal by May 27, turning an actively exploited flaw into a mandatory federa...

Federal civilian executive branch agency hit by network compromise

Incident
H score21 First: 24.04.2026 23:34 Last: 24.04.2026 23:34 Sources 1

About this happening: A federal civilian executive branch agency was compromised in an early September 2025 intrusion that left attackers with persistent access on Cisco Firepower and Sec...

Timeline

  1. 17.07.2026 10:15 2 articles · 3h ago

    CISA orders rapid patching for exploited Microsoft SharePoint CVE-2026-58644

    Legal Policy Action Update

    CISA added CVE-2026-58644 to its Known Exploited Vulnerabilities catalog and required federal agencies to patch the Microsoft SharePoint flaw within three days under BOD 26-04 after warning that attackers were exploiting it.

    Show sources
  2. 17.07.2026 10:15 1 articles · 3h ago

    Microsoft confirms exploitation in SharePoint CVE-2026-58644 advisory

    Technical Analysis Update

    Microsoft’s July 2026 Patch Tuesday updates fixed CVE-2026-58644, a CVSS 9.8 deserialization of untrusted data flaw in SharePoint, and later updated its advisory to say exploitation was detected after the vulnerability was not initially marked as exploited.

    Show sources