Skip to main content

Overview

Microsoft has released a security update addressing a high-severity vulnerability in Microsoft SharePoint Server. This vulnerability could allow an authenticated attacker to execute arbitrary code within the server without requiring user interaction. Successful exploitation could lead to lateral movement across the network, privilege escalation, and unauthorised access to sensitive data.

  • CVE-2026-45659: Remote Code Execution Vulnerability in Microsoft SharePoint Server (CVSSv3 8.8)

Affected versions: Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Server 2019, & Microsoft SharePoint Enterprise Server 2016.

 

Notepad++ has released security updates addressing multiple vulnerabilities. These vulnerabilities could allow an attacker to execute arbitrary code or manipulate application behaviour, potentially without the user’s knowledge. Successful exploitation could lead to full compromise of the affected system, including unauthorised code execution, data access, and installation of further malware.

  • CVE-2026-48770: Denial of Service Vulnerability (CVSSv3 5.0)
  • CVE-2026-48778: Arbitrary Code Execution Vulnerability (CVSSv3 7.8)
  • CVE-2026-48800: Arbitrary Code Execution Vulnerability (CVSSv3 7.8)

Affected versions: <= 8.9.6

 

GitHub has released a security update for a critical pre-authentication server-side request forgery (SSRF) vulnerability found in the upload endpoint of GitHub Enterprise Server. This vulnerability could allow an unauthenticated attacker to send internal HTTP requests which could lead to them accessing internal services and exposing sensitive credentials.

  • CVE-2026-9312: Server-side Request Forgery (SSRF) in GitHub Enterprise Server (CVSSv4 9.2)

Affected versions: < 3.22

 

Recommended Action    

Organisations are encouraged to review the appropriate security advisory pages and apply the updates:        

Microsoft    –    Security Update Guide - Microsoft SharePoint Remote Code Execution Vulnerability

Notepad++ –    Notepad++ v8.9.6.1 release | Notepad++

GitHub        –    Release notes - GitHub Enterprise Server 3.20 Docs

If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.  

Topics

  • Advisory
  • Vulnerability
  • Exploit
  • Patches and Updates