Microsoft's Patch Tuesday Addresses Critical SharePoint Security Flaw, 165 CVEs Fixed in April 2026

April 14, 2026
  • Today’s Patch Tuesday from Microsoft delivers fixes for 165 new CVEs for April 2026, including an actively exploited flaw in SharePoint Server (CVE-2026-32201) tied to improper input validation that could enable spoofing and data exposure or manipulation.

  • Experts warn exploitation could enable phishing, social engineering, and deception within SharePoint environments, increasing risk for trusted content and users.

  • CISA KEV indicates ongoing exploitation risk for SharePoint vulnerabilities in general, and Microsoft notes CVE-2026-32201 may be chained with other weaknesses.

  • Credit for Defender flaw discovery goes to Zen Dodd and Yuanpei Xu (HUST) under the Diffract project.

  • The article lists resolved vulnerabilities and notes some fixes from earlier in the month aren’t counted in this cycle; Edge/Chromium fixes totaled about 80, aiding quicker patching for those components.

  • Eight flaws are rated Critical, including seven remote code execution flaws and a denial-of-service vulnerability.

  • Edge-based exposure mirrors Chromium, with multiple researchers contributing to disclosures. Expect more vulnerability reporting as AI models advance. Practical guidance includes restarting browsers after patches and following detailed analyses for per‑patch steps.

  • The report includes external analyses and references to third-party insights to supplement the patch coverage and exploitation concerns.

  • Prioritize updates for Microsoft Office and environments with high exposure to email attachments.

  • Nearly 60% of patched flaws are elevation-of-privilege issues, with RCE and information disclosure bugs making up smaller shares, continuing the trend of privilege escalation dominance.

  • Readers are directed to the full BleepingComputer report for detailed descriptions of each vulnerability and affected systems.

  • The piece notes ongoing criticisms of Microsoft’s vulnerability reporting and disclosure practices, including commentary from researchers such as Chaotic Eclipse.

Summary based on 5 sources



Sources

Patch Tuesday, April 2026 Edition

Krebs on Security • Apr 14, 2026

Microsoft's massive Patch Tuesday: It's raining bugs

