THREATOPS
THREAT OPSCVEs › CVE-2026-20963

CVE-2026-20963 — Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

CISA KEVExploited: confirmedMicrosoft

Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.

Vulnerability details

Exploiting threat actors

Related reporting