1 article
May's Patch Tuesday patches an authenticated RCE in SharePoint Server (CVE-2026-40365) and multiple Office vulnerabilities exploitable via the Windows Explorer and Outlook preview pane without opening files. Together they represent a significant enterprise document attack surface. Assess SharePoint exposure and validate Office update deployment this week.