Microsoft Edge and SharePoint Server Vulnerabilities Under Active Exploitation

Severity: High (Score: 72.8)

Sources: msrc.microsoft.com, Heise.De, Hkcert

Summary

On April's Patchday, Microsoft addressed over 160 security vulnerabilities, including critical issues in Edge and SharePoint Server. Attackers are actively exploiting CVE-2026-32201 in SharePoint for spoofing attacks, allowing unauthorized access to isolated data. Additionally, CVE-2026-5281 in Edge is being leveraged for remote code execution via crafted HTML pages. The US cybersecurity agency CISA has warned of ongoing attacks exploiting these vulnerabilities. Other critical vulnerabilities include CVE-2026-32190 in Office and CVE-2026-32157 in Remote Desktop Client. Microsoft has implemented RDP hardening measures to mitigate risks associated with Remote Desktop Protocol. Administrators are advised to ensure that their systems are updated with the latest security patches. The situation remains fluid with potential for further exploitation as details emerge. Key Points: • CVE-2026-32201 and CVE-2026-5281 are actively exploited vulnerabilities. • CISA has issued warnings about ongoing attacks targeting Microsoft products. • Microsoft has released critical patches for multiple vulnerabilities this month.

Key Entities

• Data Breach (attack_type)
• DDoS (attack_type)
• Malware (attack_type)
• CVE-2026-32157 (cve)
• CVE-2026-32190 (cve)
• CVE-2026-32201 (cve)
• CVE-2026-33825 (cve)
• CVE-2026-5281 (cve)
• Active Directory (platform)
• Chromium (platform)
• Defender (platform)
• Edge (platform)
• Microsoft Edge (platform)
• Azure (company)
• BlueHammer (vulnerability)