Microsoft Edge and SharePoint Server Vulnerabilities Under Active Exploitation

Microsoft Edge and SharePoint Server Vulnerabilities Under Active Exploitation

First seen 15 Apr 2026, 07:59 UTC HkcertHeise.DeApi.Msrc.MicrosoftCybersecuritynewsGbhackers+4 92% similarity 72.8

Article Content

Browse articles
ThreatCluster

On April's Patchday, Microsoft addressed over 160 security vulnerabilities, including critical issues in Edge and SharePoint Server. Attackers are actively exploiting CVE-2026-32201 in SharePoint for spoofing attacks, allowing unauthorized access to isolated data. Additionally, CVE-2026-5281 in Edge is being leveraged for remote code execution via crafted HTML pages. The US cybersecurity agency CISA has warned of ongoing attacks exploiting these vulnerabilities. Other critical vulnerabilities include CVE-2026-32190 in Office and CVE-2026-32157 in Remote Desktop Client. Microsoft has implemented RDP hardening measures to mitigate risks associated with Remote Desktop Protocol. Administrators are advised to ensure that their systems are updated with the latest security patches. The situation remains fluid with potential for further exploitation as details emerge.

Key Points: • CVE-2026-32201 and CVE-2026-5281 are actively exploited vulnerabilities. • CISA has issued warnings about ongoing attacks targeting Microsoft products. • Microsoft has released critical patches for multiple vulnerabilities this month.

ThreatCluster AI

Timeline

2026-04-01
CVE-2026-5281 published; added to CISA KEV for active exploitation
2026-04-02
First public PoC for CVE-2026-5281 released
2026-04-14
CVE-2026-32201 published; added to CISA KEV for active exploitation
2026-04-14
CVE-2026-33825 published
2026-04-14
CVE-2026-32157 published
2026-04-14
CVE-2026-32190 published
2026-04-15
Microsoft's April Patchday addresses over 160 vulnerabilities

Community

Browse all →