Researchers warn that hackers are exploiting a medium-grade flaw in Microsoft SharePoint.
The vulnerability, tracked as CVE-2026-32201, stems from improper input validation in SharePoint, which allows an unauthorized attacker to conduct spoofing activity over a network. The vulnerability has a severity score of 6.5.
A successful attack can allow a hacker to view and make changes to confidential information, according to a security update from Microsoft.
Researchers from threat intelligence firm Defused posted to X saying they are tracking a coordinated reconnaissance campaign targeting SharePoint across four IPs.
The activity involves four hosting providers sequenced from April 1 to April 11.
The Cybersecurity and Infrastructure Security Agency on Wednesday added the vulnerability to the Known Exploited Vulnerabilities catalog.
