CYBERHAWK / CVE / CVE-2026-45644

CVE-2026-45644

HIGH CVSS 8.0 other

The flaw

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Live Share Canvas SDK allows an authorized attacker to elevate privileges over a network.

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-45644

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

In the news

Zero Day Initiative — The June 2026 Security Update Reviewthezdi.com · 2026-06-09
Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flawsBleepingComputer · 2026-06-09
Microsoft Patch Tuesday June 2026 – 198 Vulnerabilities Fixed, Including 3 Zero-daysCyberSecurityNews · 2026-06-09

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits