Cisa-Kev — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/tags/cisa-kev/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioFri, 20 Mar 2026 12:00:00 +0000Active Exploitation of SharePoint Deserialization Vulnerability (CVE-2026-20963)https://feed.craftedsignal.io/briefs/2026-03-sharepoint-deserialization/Fri, 20 Mar 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-sharepoint-deserialization/CVE-2026-20963, a SharePoint deserialization vulnerability, is under active exploitation and has been added to the CISA Known Exploited Vulnerabilities (KEV) catalog, requiring immediate patching and auditing of potentially compromised data.<p>On March 18, 2026, CISA added CVE-2026-20963, a SharePoint deserialization vulnerability, to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. This vulnerability allows attackers to execute arbitrary code on affected SharePoint servers through the deserialization of untrusted data. Organizations utilizing SharePoint are urged to apply the necessary patches promptly. Beyond patching, it&rsquo;s crucial to conduct a thorough audit of SharePoint assets, particularly…</p> criticaladvisoryCVE-2026-20963sharepointdeserializationcisa-kev