CISA Warns of Actively Exploited Microsoft SharePoint Vulnerability
On March 18, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20963, a critical security flaw in Microsoft SharePoint, to its Known Exploited Vulnerabilities (KEV) catalog. The inclusion confirms that threat actors are actively exploiting the vulnerability in real-world attacks, posing a significant risk to organizations using the collaboration platform.
The flaw stems from improper deserialization of untrusted data in SharePoint, allowing attackers to execute arbitrary code or gain unauthorized access. While details on the specific attack vectors remain limited, the urgency of the KEV listing underscores the need for immediate patching or mitigation.
Microsoft has not yet disclosed the full scope of affected versions, but network administrators are advised to monitor updates and apply security fixes as they become available. The vulnerability highlights ongoing risks in widely used enterprise software, particularly in platforms handling sensitive data.
Source: https://www.linkedin.com/feed/update/urn:li:activity:7440304441339224064