THREAT SENTINEL
Back to Dashboard
VulnerabilitiesCritical

CVE-2026-20963: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

Friday, March 20, 2026
Global
CISA KEV - https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Summary

Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.

Threat Analysis

Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network. - Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.. Vendor: Microsoft. Product: SharePoint.

Last updated: Mar 20, 2026, 09:19 AM

Daily Intelligence

Stay Ahead of Threats

Subscribe to receive daily threat briefings delivered to your inbox. Be the first to know about emerging security risks.

No spamUnsubscribe anytimeDaily at 9 AM