A critical deserialization vulnerability (CVE-2026-45659) in Microsoft SharePoint Server is being actively exploited, enabling remote code execution by low-privileged attackers. The flaw affects SharePoint Enterprise Server 2016, Server 2019, and Subscription Edition, with fixed versions available. CISA added this CVE to its KEV catalog on July 1, 2026, and the Canadian Cyber Centre urges immediate patching, especially for internet-exposed on-premises deployments.