Initiatives for
As the national authority for Cybersecurity the CCB has developed several initiatives for specific publics which are presented here.
Warning: Microsoft SharePoint Remote Code Execution Vulnerability, Patch Immediately!
Image
Published : 27/05/2026
- Last update: 27/05/2026
- Affected software: Microsoft SharePoint
- Type: Remote Code Execution (RCE)
- CVE/CVSS: CVE-2026-45659: CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Sources
- Microsoft: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659
- NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-45659
Risks
SharePoint is a productivity platform belonging to Microsoft 365 Suite. It is affected by CVE-2026-45659, a deserialization of untrusted data vulnerability which can lead to remote code execution.
An authenticated attacker could exploit the vulnerability by sending malicious data to the SharePoint server, potentially compromising the entire system. This weakness causes SharePoint to process serialized data without verifying the validity or safety of the data. Executing the malicious code could significantly impact the confidentiality, integrity and availability of the targeted system.
Description
Exploitation of CVE-2026-45659 only requires Site Member permissions. It requires no user interaction or deep technical knowledge as attack complexity is low. The general risk is considerable should a compromised account be used to exploit this vulnerability and grant the attacker control of the Microsoft environment.
There are no reports of this vulnerability being exploited in the wild, according to Microsoft.
Recommended Actions
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.