CRITICAL: Microsoft SharePoint Server Zero-Day CVE-2026-58644 Under Active Attack, CISA Sets Three-Day Clock
Microsoft confirmed CVE-2026-58644, a critical CVSS 9.8 deserialization flaw in on-premises SharePoint Server, was exploited as a zero-day before patches shipped. CISA added it to the KEV catalog with a July 19, 2026 federal deadline. It affects SharePoint Subscription Edition, 2019, and 2016, and attackers are stealing IIS machine keys for persistence.