Wireby Fusion42
Read this story on the live Wire →

Wire · founder news, decoded · regulatory

CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

CISA added CVE-2026-58644, a critical SharePoint Server remote code execution zero-day (CVSS 9.8), to its Known Exploited Vulnerabilities catalogue on 17 July 2026, with a mandatory patch deadline of 19 July for US federal agencies. The vulnerability allows authenticated attackers to execute arbitrary code remotely with low complexity and has been actively exploited in the wild.

This Wire brief sits within Fusion42's coverage of Cybersecurity. Wire is Fusion42's founder-focused intelligence feed: each story is connected to the funds and startups it names — every one with a live profile on Raise or Scout — so founders can follow the capital and the momentum behind the headline rather than just the headline itself. Wire analysis is one of the live surfaces Arthur, Fusion42's AI co-founder, reasons over.

The Wire takeaway

If you build or sell to US federal agencies, you have 48 hours to patch SharePoint or lose access to that customer base—CISA just made this mandatory, and the exploit is live. That deadline moves every supplier upstream: hosting providers, system integrators, and security vendors all get pulled into the same two-day window.

Read the full story at thehackernews.com

Topics: Cybersecurity · sharepoint-rce · zero-day · federal-mandate · patch-deadline · cisa-kev

Related on Wire

Verified 17 July 2026 · Sources: Fusion42 review

CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026… | Fusion42