Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), and a remote code execution vulnerability (CVE-2025-49704) are being actively exploited despite releasing an emergency patch on July 20, 2025. The vulnerabilities allow threat actors to “execute code remotely, bypass identity protections such as multi-factor authentication and access system
