cve 2026 45465

CVE-2026-45465 is an Important-rated Microsoft SharePoint Server spoofing vulnerability disclosed on June 9, 2026. The flaw, caused by cross-site scripting, affects supported on-premises SharePoint Server editions including Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016. Microsoft released security updates to address the issue. While the CVSS score may appear moderate, the vulnerability targets SharePoint, a widely used internal web platform, making timely patching critical for organizations running on-premises servers. Discussions on WindowsForum emphasize that this spoofing bug should not cause panic but warrants prompt attention to mitigate potential browser-mediated attacks.