The US Cybersecurity and Infrastructure Security Agency (CISA) added two Microsoft vulnerabilities to its catalog of known exploited vulnerabilities based on evidence of active attacks. A remote code execution flaw in Microsoft Office (CVE-2009-0238) and an improper input validation vulnerability in SharePoint Server (CVE-2026-32201) are now listed as actively exploited by threat actors. Federal civilian agencies must remediate these by mandatory deadlines; CISA is urging all organizations to prioritize patching as part of routine vulnerability management.