ToolShell: Critical SharePoint Zero‑Day RCE in Active Exploitation

Jul 21, 2025 · 3 min read · 🚨 Overview A critical zero‑day Remote Code Execution (RCE) vulnerability in on‑premises Microsoft SharePoint Server—tracked as CVE‑2025‑53770 (with a related CVE‑2025‑53771)—is being actively exploited worldwide. The attack chain, dubbed ToolShell, ...