THREAT OPS › Threat News › 2026-004: Critical Vulnerability in SharePoint Exploited
2026-004: Critical Vulnerability in SharePoint Exploited
On 17 March 2026, Microsoft updated one of its January 2026 security advisories related to a remote code execution vulnerability in Microsoft SharePoint. Specifically, Microsoft raised the CVSS score and changed the FAQ section to indicate that the vulnerability could be exploited by an unauthenticated attacker. This vulnerability was added in the CISA's Known Exploited Vulnerabilities (KEV) catal
MITRE ATT&CK techniques
Original source: https://cert.europa.eu/publications/security-advisories/2026-004/