A critical remote code execution vulnerability, designated as CVE-2026-58644, has been discovered in Microsoft SharePoint Server, allowing unauthenticated attackers to execute arbitrary code with a CVSS v3.1 score of 9.8. This vulnerability arises from the deserialization of untrusted data and has been confirmed by Microsoft to be actively exploited in the wild1. As a result, it has been added to the CISA's Known Exploited Vulnerabilities catalog, prompting concerns about the need for immediate patching. The vulnerability affects on-premises Microsoft SharePoint Server deployments, and its exploitation status suggests that it should be treated as a high-priority threat. Given the severity of this vulnerability and its active exploitation, practitioners should prioritize patching their Microsoft SharePoint Server deployments to prevent potential attacks. This vulnerability's exploitation in the wild underscores the importance of timely patch management to prevent remote code execution attacks.