CISA added Microsoft SharePoint Server CVE-2026-58644 to its exploited-vulnerabilities catalog on July 16, two days after Microsoft patched it. Admins should patch, verify AMSI, hunt for machine-key theft, and reduce internet exposure before treating the farm as clean.